Shaarli export of all bookmarks on Fri, 20 Sep 19 07:41:01 -0400
- The Five Pressures of Leadership
- 1. Unclear boundaries
2. Pay
3. Working with volunteers
4. Burden of responsibility
5. Loneliness
- Virtualization The Future: How to Create Custom Docker Images - Part 8
- State Farm Security Fail – The Wacky World of Chris Knight
- Basics: Handling a Failed Backup | Data Protection: Avamar, NetWorker, Data Domain, RecoverPoint, PowerProtect, CSM
- Multitenant : Massive Changes in 19c and 20c | The ORACLE-BASE Blog
- ODA X8-2: the new generation - Blog dbi services
- Redefining Hyper Converged Infrastructure — ThinkCharles.net
- Terraform Cloud – Step by step configuration | JohannStander
- SAN vs. NAS: Comparing two approaches to data storage | Enable Sysadmin
- Blue's Yeti X microphone comes with everything you need to sound like a pro
- AI can gauge the risk of dying from heart conditions
- If you’re not using SSH certificates you’re doing SSH wrong - smallstep
- Moving oracle database to new home on ODA - Blog dbi services
- Millions of Americans' medical records are out in the open on the internet
- Alleged JPMorgan hacker set to plead guilty
- Andrei Tyurin
- SIM-based attack has been used to spy on people for two years
- ANSI or Oracle Style Joins? – ThatJeffSmith
- Ansible Blocks With Conditionals - EverythingShouldBeVirtual
- Installing the windows subsystem for linux and use Terraform with VS Code | JohannStander
- Checking power settings on VMs using powershell • My Virtual Vision
- The Memory/Storage Hierarchy | The SSD Guy
- Cyber Security Roundup for August 2019 - Security Boulevard
- Scaling-Up and Automating Web Application Security - Security Boulevard
- How to get a big picture of K8s pods and PVs by script - Blog dbi services
- Taking Health Care Out of the Ransomware Hot Seat - Security Boulevard
- What is the CCPA and Who Must Comply? The California Consumer Privacy Act Explained - Security Boulevard
- Top 5 Back to School AppSec Tips for Developers
- #1 Be Security Minded
#2 Embrace Automated Testing
#3 Keep Your Code Secure from Prying Eyes
#4 Keep Your Dependencies Up to Date
#5 Beware the Input Validation Error — Test, Test, Test
- A Cyber Incident Response Plan for Your Web Applications - Security Boulevard
- Why Most Organizations Still Can’t Defend against DCShadow – Part 2 - Semperis
- Why Most Organizations Still Can’t Defend against DCShadow - Semperis
- CISOs in the Boardroom: Translating Tactical Cybersecurity into Business Objectives - Security Boulevard
- What’s it like being a cybersecurity risk analyst? - Security Boulevard
- Review of Apache Struts vulnerabilities yields 24 updated advisories - Security Boulevard
- Serverless Security Explained - Security Boulevard
- How GDPR, CCPA impact healthcare compliance - Security Boulevard
- 50 Valuable PCI Compliance Tips
- 5 Modern Skills for Modern Chief Information Officer (CISO)
- 1. Financial Fluency
2. Communication Skills
3. Empathy
4. Technical Chops
5. Ambition
- Three Ways for Healthcare to Handle Cyber Threats - Security Boulevard
- How to Address PCI DSS Requirement 6.6 — A Two-For-One Solution From Threat Stack - Security Boulevard
- HOWTO: Handle Windows Activation on non-domain-joined Web Application Proxies - The things that are better left unspoken
- Overview of NIST 800-171b: What you need to know
- URGENT/11 – New ICS Threat Signatures by Nozomi Networks Labs - Security Boulevard
- The Benefits, Characteristics and Components of Flyaway Kits for Incident Response | Bricata
- Detecting Cars With An ESP8266 Magnetometer | Hackaday
- Migration to Github Pages! – ZenCoffee Blog – random notes, guides, and thoughts…
- Kubernetes Pentest Methodology Part 2 | CyberArk
- Kubernetes Pentest Methodology Part 1 | CyberArk
- The Top Five Cybersecurity Issues Trending in 2019 - Security Boulevard
- 1. Phishing Attacks
2. IoT Ransomware
3. Increased Data Privacy Regulation
4. Cyber Attacks on Mobile Devices
5. Increased investment in automation
- Understanding CCPA: It's Time to Action a Plan for Compliance - Security Boulevard
- 7 most common application backdoors
- The Four Pillars of CASB: Threat Protection
- 20 Surprising IoT Statistics You Don’t Already Know - Security Boulevard
- SSH Key Management Without the Hassle | JumpCloud
- How To Handle HIPAA Compliance with Serverless Security | Protego
- HIPAA Compliance Checklist - Threat Stack
- 10 of the Most Significant Ransomware Attacks of All Time
- Introducing Accelerated Database Recovery with SQL Server 2019 - Blog dbi services
- Transaction / Regular Paper Title - govins20.pdf
- The Cyberwar In Yemen - VICE
- InfoSec Handlers Diary Blog - Verifying SSL/TLS configuration (part 1)
- The Cost of Dealing With a Cybersecurity Attack in These 4 IndustriesSecurity Affairs
- Healthcare providers can improve their third-party vendor management - Security Boulevard
- Zero Day Initiative — The August 2019 Security Update Review
- Windows Incident Response: A Brief History of DFIR Time, pt I
- The five basic data privacy rules - VinciWorks Blog
- Privilege Escalation Cheatsheet (Vulnhub)
- Guide to Red Team Operations
- NBlog - the NoticeBored blog: NBlog Aug 20 - cyber-insurance standard published
- NBlog - the NoticeBored blog: NBlog Aug 19 - extending the CIS security controls
- Pentagon Buys Equipment With Known Vulnerabilities: Audit
- Firmware Slap - Discovering Vulnerabilities In Firmware Through Concolic Analysis And Function Clustering
- VulnWhisperer - Create Actionable Data From Your Vulnerability Scans
- Backup is Your Responsibility - Even in Public Cloud - Architecting IT
- More Than 99% of Cyberattacks Need Victims' Help
- Remembering Gene Crick, Digital Rights Pioneer | Electronic Frontier Foundation
- Automated incident response in Office 365 ATP now generally available
- OWASP ASVS Version 4.0 Controls Checklist Spreadsheet + 5 Benefits | Pivot Point Security
- OWASP ASVS
- Securing Software on Healthcare IoT Devices - ShiftLeft Blog
- Build a Kali Linux ISO with the latest OS patches and packages | slice2
- Apache Struts Security Advisories updated after review | Synopsys
- History Doesn't Repeat Itself in Cyberspace
- 8 Head-Turning Ransomware Attacks to Hit City ...
- Demystifying New FIDO Standards & Innovations
- Transforming 'Tangible Security' into a Competitive ...
- Calculating the Value of Security
- The 10 Essentials of Infosec Forensics
- 'IBM PC Compatible': How Adversarial Interoperability Saved PCs From Monopolization | Electronic Frontier Foundation
- Retadup Worm Squashed After Infecting 850K Machines
- Retadup
- Annual global data breach costs to exceed $5 trillion by 2024: report
- ThreatList: 4.1B Records Exposed in Breaches in First Half of 2019 | Threatpost
- NIST Lays Out Roadmap for Developing Artificial Intelligence Standards - Nextgov
- The health record interoperability dilemma
- 'It Saved Our Community': 16 Realistic Ransomware ...
- It's Not Healthy to Confuse Compliance with Security
- The Philosophy Behind My New Product Discovery Idea | Daniel Miessler
- GitHub - toniblyx/my-arsenal-of-aws-security-tools: List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
- Very Short Introduction to Data Science Terminology
- Understand Machine Learning in 6 Minutes - Towards Data Science
- 4 to-do list managers for the Linux desktop | Opensource.com
- 4 Different Rules of Thumb For How Much House You Can Afford — My Money Blog
- Causes of Wealth: Reality vs. News Coverage — My Money Blog
- Supply-Chain Security in Open-Source Software « ipSpace.net blog
- An Open Letter To IT Recruiters | Advanced Persistent Security
- Improving BGP routing security by minding your MANRS | CSO Online
- Can VMware become a leading cybersecurity vendor? | CSO Online
- 4 Reasons Waiting to Switch to the Cloud May Cost You | CSO Online
- Why cybersecurity is a central ingredient in evolving digital business models | CSO Online
- Summary: Never Split the Difference | Daniel Miessler
- A Conversation with Ken Modeste | Daniel Miessler
- Day-1 Skills That Cybersecurity Hiring Managers Are Looking For | Daniel Miessler
- The Definition of a Green Team | Daniel Miessler
- How to Check the Software and Hardware Version of a Raspberry Pi | ozzmaker.com
- VMware Tools installation and upgrade tips and tricks - ivobeerens.nl
- Nmap Idle Scan tutorial – Linux Hint
- Adding Third-Party Drivers into VMWare ESXi 6.7 ISO Image | Windows OS Hub
- VMWare ESXi Doesn’t Detect FC HBA adapters | Windows OS Hub
- Say hello to Isaac Computer Science - Raspberry Pi
- From 1999 to 2017: PCI Continues to Evolve | Sword & Shield
- CERIAS Blog - CERIAS - Purdue University
- Cyber Security Hall of Fame 2019 Inductees - CERIAS - Purdue University
- 8 hot IT security jobs and what they pay | CSO Online
- Leader of new NSA Cybersecurity Directorate outlines threats, objectives | CSO Online
- Insecure virtual USB feature in Supermicro BMCs exposes servers to attack | CSO Online
- 5 signs your security culture is toxic (and 5 ways to fix it) | CSO Online
- Data privacy in the IoT age: 4 steps for reducing risk | CSO Online
- 7 steps to ensure your Azure backup works when you need it | CSO Online
- What is the cost of a data breach? | CSO Online
- e
- Ransomware Gaining Momentum | Advanced Persistent Security
- Intro to Malware Dynamic Analysis: Part 5 | Advanced Persistent Security
- Intro to Malware Dynamic Analysis: Part 4 | Advanced Persistent Security
- Intro to Malware Dynamic Analysis: Part 3 | Advanced Persistent Security
- Intro to Malware Dynamic Analysis: Part 2 | Advanced Persistent Security
- Intro to Malware Dynamic Analysis: Part 1 | Advanced Persistent Security
- Researchers Discover Vulnerable SCADA Product & Responsive SCADA Vendor – RBS
- Incident Response report 2018 | Securelist
- Robert Penz Blog » Proxmox Container with Debian 10 does not work after upgrade
- Overview of LEAPWORK Web Automating Tool - EvilTester.com
- AWS High Performance Storage – Gabe's Blog
- Google Online Security Blog: How Google adopted BeyondCorp: Part 2 (devices)
- Google Online Security Blog: How Google adopted BeyondCorp
- Three Strategies to Avoid Becoming the Next Capital One
- Azure Guest Users - Risks and Security Considerations
- Verizon White Paper: CISO’s Guide to Cloud SecurityRafeeq Rehman – Personal Blog
- CISO MindMap 2019: What Do InfoSec Professionals Really Do?Rafeeq Rehman – Personal Blog
- What Are the Benefits of Cyber Exercises? - Delta Risk
- Top 10 Uses of Wireshark for Hackers Part II - The Ethical Hacker Network
- Notes on ZFS / Solaris forensics | DiabloHorn
- A Consumer’s Guide to Protecting Important Data From Ransomware
- ZigDiggity - ZigBee Hacking Toolkit
- Securing the Cloud: A Story of Research, Discovery, and Disclosure - Black Hills Information Security
- Getting IT & OT to speak the common language of IIoT vulnerability management
- SMBs focused on improving IT security
- The breach prevention playbook
- Security professionals now think cloud is safer than on-premise
- 8 Ridiculous EULA Clauses You May Have Already Agreed To
- 3 Android Motion Sensor Security Risks and How to Stay Safe
- How to Build a Mind Map in Microsoft Word
- How to Use OneNote for School: 10 Tips for Students and Teachers
- The 11 Best Raspberry Pi Projects for Beginners
- eDiscovery Checklist Manifesto
- Linked: Don’t worry about shadow IT. Shadow IoT is much worse.
- Is USB blocking misguided security? - The Silicon Underground
- Reviews of the NanoVNA: An Ultra Low Cost $50 Vector Network Analyzer
- Cognitive Governance: 5 Principles | TheGRCBlueBook
- Cognitive Governance: The First Pillar of a Cognitive Risk Framework | TheGRCBlueBook
- Five More L&D Books for Learning Professionals
- Performance Evaluations: What Not to Do » Public Libraries Online
- PowerShell: Add All Members of an OU to a Security Group | PeteNetLive
- When Experienced Women Engineers Look for New Jobs, They Prioritize Trust and Growth — The WordPress.com Blog
- DSHR's Blog: Optical Media Durability: Update
- Java mon amour: docker cheat sheets
- Java mon amour: awesome Kubernetes Best Practices videos
- Java mon amour: WebLogic, dramatic reduction of TLS sessions creation by rejectClientInitiatedRenegotiation
- Java 13 articles index-What is new in Java and other tutorials
- SWAPGS: Meltdown may be over, Spectre looms – Marksei
- How to pick the right Azure Exam Certification Path - Thomas Maurer
- Under The Stairs: Many Things Go Well with PowerShell 7 - But Not All!
- Securing Virtual Machines with Azure Bastion - byronpate.com
- Kubernetes Visually - With VMware Octant - The IT Hollow
- Fail2Ban, iptables and config management – The ongoing struggle
- How to Save Money on Azure using Azure Reservations - Thomas Maurer
- Prevent mistakes with Azure Resource Locks - Stuart Moore
- Recession is coming - SysAdmin1138 Expounds
- Creating Multi-Part Ansible Playbook With Variables - NetApp and VMware
- Microsoft: Flash in Browser will be removed end of 2020! | Born's Tech and Windows World
- Windows 7: Free Extended Update Support and usage | Born's Tech and Windows World
- Chris's Wiki :: blog/python/Python3AndCentOS7
- Chris's Wiki :: blog/solaris/ZFSNotUniversal
- Clint Boessen's Blog: Preparing Exchange Topology - PrepareAD, PrepareSchema, PrepareDomain etc
- Apache – Hosting multiple SSL/HTTPS PHP Laravel sites using Single IP – CentOS 7 | geekdudes
- PowerShell - Executing code at specific times - LazyWinAdmin
- PowerShell Productivity Hacks: How I use Get-Command – Mike F Robbins
- 802.11 bad signal diagnostics (Ubiquiti) | Nelson's log
- 802.11ac, 802.11ax, and friends | Nelson's log
- Open-Sourcing the CoreNIC Firmware - Netronome
- Monitoring Home Power Consumption for less than $25 – blog.kroy.io
- Fully embracing Docker – blog.kroy.io
- Get full control of Windows Update | >_
- How to Build an IIS SMTP Relay Server [Tutorial]
- PowerShell Import-Csv and Export-Csv: The CSV Whisperers
- Marketing: The Most Important Skill Engineers Think They Don't Need
- How to Turn your Script into a PowerShell GUI (WPF)
- An application-focused backup inventory - Architecting IT
- The Expanding Storage Hierarchy - Architecting IT
- Battle of the Virtual Routers – blog.kroy.io
- Building a ZFS on Linux Fileserver – blog.kroy.io
- The ZFS walk-of-shame with Seagate and OmniOS CE. – blog.kroy.io
- Virtualization The Future: Old Way vs New Way to Run Docker Commands - Part 7
- Virtualization The Future: Docker Containers Truly Isolated With Proof!!!!! - Part 6
- Virtualization The Future: Docker Commands - Part 5
- Virtualization The Future: Docker Installation on Windows Operating System - Part 4
- Virtualization The Future: What is Container? - Part 3
- Virtualization The Future: What is Docker? - Part 2
- Virtualization The Future: Why One Should Use Docker? - Part 1
- 28 facts about Linux for its 28th birthday
- Announcing Oracle Solaris 11.4 SRU12 | Oracle Solaris Blog
- Optimize Storage Cost with Reduced Pricing for Amazon EFS Infrequent Access | AWS News Blog
- A project manager's guide to Ansible | Opensource.com
- HealthyPi v4 open source, wireless, wearable for human vital signs monitoring - Geeky Gadgets
- Global reinsurance experts urge investment in open-source risk models
- 1. Invest in open-source models that provide a long-term view of climate risk and link to insurance solutions.
2. Joined-up policy-making to put climate-risk models at the heart of national adaptation strategies.
3. Develop consistent climate adaptation regulation and standards across countries.
4. Foster insurance innovations that can respond to a changing climate risk landscape.
5. Strengthen dialogue between insurers and policy-makers around Build Back Better.
6. Converge insurance, humanitarian and development agendas.
7. Promote and invest in risk literacy throughout society
- Securing DSC resources for VMware | Adventures in a Virtual World
- Wear Estimation for Devices with eMMC Flash Memory
- First Python Program | Janusworx
- Jupyter Notebook for Beginners Tutorial — Dataquest
- RHELvolution 2: A brief history of Red Hat Enterprise Linux releases from RHEL 6 to today
- Django Optimization: Or how we avoided memory mishaps | Codementor
- stylesheet for nmap output
- nmap -sC -sV -oA toots toots.dgplug.org --stylesheet nmap-bootstrap.xsl
- The continuing rise of Kubernetes analysed: Security struggles and lifecycle learnings - Cloud Tech News
- CommonHealth Will Enable Android™ Phone Users to Access and Share their Electronic Health Record Data with Trusted Apps and Partners | BioSpace
- CommonHealth
- 7 tips for sysadmins to improve communication skills | Enable Sysadmin
- Introducing Glean — Telemetry for humans - Georg Fritzsche - Medium
- Rotating Images in ReportLab - The Mouse Vs. The Python
- How to use the LXD Proxy Device to map ports between the host and the containers – Mi blog lah!
- Council Post: Open Source Is Poised To Have A Greater Impact On Security
- Test & Code - Python Testing & Development 86: Teaching testing best practices with 4 testing maxims - Josh Peak
- Nping and Nmap arp scan – Linux Hint
- A Cyber Command Operational Update: Clarifying the June 2019 Iran Operation - Lawfare
- A Comprehensive Intro to Darktable: A Free Lightroom Alternative
- Draw.io is a free Flowchart and diagram creation software for Windows, Linux, macOS and your browser - gHacks Tech News
- Most common custom SSH Configurations of the OpenSSH Server - LinuxConfig.org
- ESXI 6.7 update: No space left on device | eknori.de
- The newest patching surprises - and how to fix some of them
- Benchmark Linux systems: Install Sysbench tool - LinuxTechLab
- Essential System Tools: hyperfine - command-line benchmarking tool - LinuxLinks
- DNS configuration with Ansible | Enable Sysadmin
- Thousands Of Linux Servers Infected By Lilu (Lilocked) Ransomware
- Configure DNS over TLS on Linux Mint to Protect DNS Privacy
- Put A TimeStamp on Bash History | UITS Linux Team
- HISTTIMEFORMAT="%d/%m/%y %T "
- Memory Ballooning
- VirtScreen on openSUSE | Turn a Tablet into a Second Monitor – CubicleNate's Techpad
- Connect to Wi-Fi From Terminal on Ubuntu 18.04/19.04 with WPA Supplicant - LinuxBabe
- Finally, I Can Make Multiboot USB of openSUSE from Ubuntu
- Excellent Free Books to Learn Pascal - LinuxLinks
- Why Spinnaker matters to CI/CD | Opensource.com
- Who-T: Tuhi - an application to support Wacom SmartPad devices
- LDAP Guide Part 4: Schema and Objects — Firstyear's blog-a-log
- LDAP Guide Part 3: Filters — Firstyear's blog-a-log
- LDAP Guide Part 2: Searching — Firstyear's blog-a-log
- LDAP Guide Part 1: Foundations — Firstyear's blog-a-log
- Using ramdisks with Cargo — Firstyear's blog-a-log
- Raspberry Pi 4 and Raspbian: Two months in, here's what I've learned so far | ZDNet
- A Guide to Excel Spreadsheets in Python With openpyxl – Real Python
- Combine Multiple Excel Worksheets Into a Single Pandas Dataframe - Practical Business Python
- 7 years of Django in 7-ish days | tlog
- How to Install Windows 3.1 in DOSBox, Set Up Drivers, and Play 16-bit Games
- 7 Best SNMP Monitoring Tools For Linux
- Anatomy of a Linux DNS Lookup – Part V – Two Debug Nightmares – zwischenzugs
- Anatomy of a Linux DNS Lookup – Part IV – zwischenzugs
- Anatomy of a Linux DNS Lookup – Part III – zwischenzugs
- Anatomy of a Linux DNS Lookup – Part II – zwischenzugs
- Anatomy of a Linux DNS Lookup – Part I – zwischenzugs
- Seven God-Like Bash History Shortcuts You Will Actually Use – zwischenzugs
- Nikola - Static Site Generator for your webz
- Boostnote is an easy to use open-source, cross-platform note-taking app in active development
- Using the LXD Kali container image – Mi blog lah!
- Provisioning ESXi with MAAS: An overview | Ubuntu
- Multi-tenancy in MAAS | Ubuntu
- iTWire - Business losses to cyber crime data breaches to exceed US$5 trillion by 2024
- iTWire - Internet Society weighs up the cost to business of cyber security breaches
- Making containers safer [LWN.net]
- Build a monitoring infrastructure for your Jaeger installation - Red Hat Developer
- 20 Excellent Free Books to Learn Perl - LinuxLinks
- A technical comparison between snaps and debs | Ubuntu
- How to Make Your CSO Happy with Your Open Source Components - CPO Magazine
- Corelight’s Brian Dye: Data-Driven Approach, Open Source Tools Key to Building Defensive Cyber Program – GovCon Wire
- How long before SSDs replace nearline disk drives? – Blocks and Files
- Changing the face of computing: UNIX turns 50 - Developer Tech
- Glia Is Making Open Medical Devices, And You Can Help | Hackaday
- A Clinical Grade Libre/Open Source 3D Printed Otoscope
- Thank The NSA For Their Ghidra Software Now Helping Firmware Reverse Engineering - Phoronix
- Western Digital's Long Trip from Open Standards to Open Source Chips
- Six simple money habits that changed my life
- How to Use Budgeting Skills to Improve Your Time Management
- LineageOS: Samsung Galaxy Note 3 | panticz.de
- F-Droid: A security-conscious repository for Free and Open Source Software (FOSS) applications for Android – The Gadgeteer
- Two Researchers Recreate The "Dangerous" OpenAI Text Generator
- Ukranian Employees Connect Nuclear Plant To Internet To Mine Cryptocurrency
- How secure is DNA testing?
- [Howto] Get a Python virtual environment running on RHEL 8 – /home/liquidat
- A dozen ways to learn Python | Opensource.com
- 9 Quick 'mv' Command Practical Examples in Linux
- Exadata Upgrade to OL7 and to Oracle 19c
- Creating a Normalized Vegetation Index Sensor with two LEDs | Underwater Arduino Data Loggers
- CPU Security Mitigation on openSUSE | Tuning it for Your Case – CubicleNate's Techpad
- AD Reading: Windows Server 2019 Active Directory Features – Active Directory Security
- Announcing VMware Tanzu and Project Pacific - CormacHogan.com
- Get faster GitLab runners with a ramdisk · major.io
- PowerCLI: vMotion Multiple VMs | PeteNetLive
- VMware Converter Slow! | PeteNetLive
- How to Measure Cybersecurity - Lawfare
- VMware Integrated Openstack Federation Guide and SAML2 ADFS Walkthrough
- ZFS: Performance and capacity impact of ashift=9 on 4K sector drives
- VMworld 2019: Top Security Keynotes and Sessions You Should Attend
- Chris's Wiki :: blog/solaris/ZFS4KDiskWithAshift9
- ashift=12
- Add machine to Nagios using Ansible | geekdudes
- How To Monitor SSD Health Status on VMware ESXi Host | KC's Blog
- HOWTO: Find NAV user running long SQL queries – Please Work
- Divorce dispute leads to accusation of crime in space
- Battle of the Virtual Routers
- FDA to trial innovative computer-assisted heart surgeries this fall
- How to use StarWind VSAN As a Resilient and Highly Available Shared Storage | ESX Virtualization
- Z-Wave best hubs: Ring, SmartThings, Aeotec and more - 9to5Toys
- How to Write Better Scripts with PowerShell Modules
- Mastercard: Data leak larger than feared | Born's Tech and Windows World
- Robocopy: The Ultimate Guide
- Migrating a Ubiquiti Unifi Controller to run on a Raspberry Pi for Pennies - Doug Rathbone
- Demystifying Active Directory and LDAP Filters in PowerShell
- Report: The new .NET updates break Veritas Backup Exec @ AskWoody
- Useful Linux commands for an Oracle DBA - Blog dbi services
- Dissecting 190716 BP, PSU, RU and RUR - DBA - Rodrigo Jorge - Oracle Tips and Guides
- Humair's Blogs » Blog Archive » Second VMware Press Book Published – My Thoughts and Tips
- Unbuntu, Android Studio and Emulated Google ChromeOS – Michelle Laverick…
- LXD with OpenvSwitch network | panticz.de
- Install: tinyproxy | panticz.de
- How To Find USB Device Bandwidth Usage On Linux - OSTechNix
- Six practical use cases for Nmap | Enable Sysadmin
- Hubstaff - Work Time Tracking Software for Productive Teams
- Share Your Keyboard and Mouse Between Linux and Raspberry Pi - It's FOSS
- Which financial advice should you trust?
- Maximizing Retirement Time: Being Flexible in Both Work Income and Spending — My Money Blog
- Birmingham Digital & DevOps Meetup : August 2019 | The ORACLE-BASE Blog
- The Difference Between Data, Information, and Intelligence | Daniel Miessler
- How to Setup SSH Passwordless Login in Debian 10
- A compendium of container escapes - Help Net Security
- How To Set up Automatic Security Update (Unattended Upgrades) on Debian/Ubuntu? | 2daygeek.com
- KVM: Windows 7 VM | panticz.de
- PyFunnels: Data Normalization for InfoSec Workflows - Black Hills Information Security
- Apache Software Foundation's Code-Base Valued At $20 Billion USD - Phoronix
- Patchday Windows 10 Updates (August 13, 2019) | Born's Tech and Windows World
- Patchday: Updates for Windows 7/8.1/Server (August 13, 2019) | Born's Tech and Windows World
- Microsoft Security Update Summary (August 13, 2019) | Born's Tech and Windows World
- Chris's Wiki :: blog/linux/OOMKillerWhen
- Chris's Wiki :: blog/linux/NoMemoryButNoOOM
- How To Create a Menu Selection Script in Powershell - Daniel Engberg
- The lifecycle of infrastructure at a standard-pattern cloudy startup - SysAdmin1138 Expounds
- Replication considerations for Domain Controllers running on VMware vSphere - The things that are better left unspoken
- Windows: Critical Patches (CVE-2019-1181/CVE-2019-1182) August 13, 2019 | Born's Tech and Windows World
- CVE-2019-1181 CVE-2019-1182
- Running Your Own Encrypted DNS Server for Fun and Profit | badllama.com
- August 2019 Security patches: It’s a biiiiiiiiig month @ AskWoody
- "Now is the best time I've ever seen to get into LegalTech" - Legal IT Today | DennisKennedy.Blog
- Black Hat 2019: 3 cybersecurity concerns and 3 things that give hope | CSO Online
- 3 ways security is improving
While there is a lot of work ahead, all is not doom and gloom. Here are a few positive observations from Black Hat 2019:
Application security is getting the attention it deserves. Agile development, DevOps, and cloud computing have finally forced the industry to confront a historical weakness – for the past 20 years or so, we’ve tended to bolt security on rather than bake it in. I’m seeing profound changes here, with security moving rapidly into the CI/CD pipeline. It’s still early, and application development is moving much faster than security knowledge, but at least we are heading in the right direction.
The industry is making progress on security operations automation. Security operations has long suffered from too many point tools, a reliance on manual processes, and a shortage of skilled personnel. To address these problems, many CISOs have slowly moved beyond the basics of security operations automation. For example, there is a trend toward continuous red teaming combined with automated remediation actions. I even talked to one CISO who hired an “automation person” who had no security skills. His job is to work with the security operations team to discover and automate manual processes. I’m encouraged by stories like these that I heard at Black Hat.
The MITRE ATT&CK Framework (MAF) has gained a lot of traction. For all the talk about artificial intelligence (AI) and machine learning technologies, the MITRE ATT&CK Framework is becoming ubiquitous in the enterprise. This can be extremely beneficial, as it forces security professionals to think in terms of pervasive attacks and kill chains rather than individual events.
- Safe travels: 7 best practices for protecting data at border crossings | CSO Online
- Securing Your Multi-Cloud Strategy | CSO Online
- Gartner estimates that Shadow IT comprises 30 to 40 percent of IT spending in large enterprises.
- 12 things every computer security pro should know | CSO Online
- 1. Your opponents’ motives
2. Types of malware
3. Root cause exploits
- Why It’s Time to Update Your Endpoint Security Approach - Delta Risk
- Example of modelling an application flow as a diagram for Software Testing - EvilTester.com
- IT Governance’s 2019 Cyber Resilience Report reveals major data protection weaknesses - IT Governance Blog
- 43% of organisations don’t have a formal information security management programme.
33% of organisations don’t have documents that state how they plan to protect their physical and information assets.
30% haven’t implemented identity and access controls.
- Meet Bluetana, the Scourge of Pump Skimmers — Krebs on Security
- A Roadmap for Lawyers With Cybersecurity Paralysis | SENSEI ENTERPRISES, INC.
- Fayetteville Tech Lawsuit to Require Digital Forensics | SENSEI ENTERPRISES, INC.
- SSLH - Share A Same Port For HTTPS And SSH - OSTechNix
- Using WebThings Gateway notifications as a warning system for your home - Mozilla Hacks - the Web developer blog
- YouTube download and convert to mp3 | panticz.de
- Geeking outside the office | Enable Sysadmin
- Cooling The Raspberry Pi 4 With The Fan SHIM & FLIRC For Better Performance - Phoronix
- Top 9 Django Concepts - Part 1: 4 Mins | Codementor
- Teaching cybersecurity in an open classroom | Opensource.com
- Excellent Free Books to Learn X86 Assembly - LinuxLinks
- A comprehensive guide to agile project management | Opensource.com
- Top 20 Best Plotting Tools for Linux for Creating Scientific Graphs
- Reinventing Your Own STP Wheel... « ipSpace.net blog
- How Hexdump works | Opensource.com
- Database Migration from non-CDB to PDB – Migration with Data Pump
- Introducing vSphere Cloud Native Storage (CNS) - CormacHogan.com
- VMware vSphere 6.7 U3 Announced - What's New? | ESX Virtualization
- Runecast Analyzer makes hardware checking against the VMware HCL easy - ivobeerens.nl
- Operational Debt the lead weight around IT’s neck – Virtual Me
- Automating an Azure Lab Setup with PowerShell [Demo]
- Getting Started with Terraform on Windows (Demo Walkthrough)
- The Underused Power of the Microsoft Graph API with PowerShell
- Fundamentals: Study Them for Long-Term Trading Gains – Business Ideas
- 1. Buy the Rumor, Sell the News
This is a phrase that every forex trader has heard at some point. However, if you think about it, you’ll see that often the markets behave in ways the policymakers least expect. And when there is a big disconnect between expectation and outcome, you can gain an edge with your contrarian opinion.
2. Look at the Longer-Term Trends
The fundamentals often hit the headlines for the wrong reasons. For example, a recent US jobs report just made big headlines. If you read that news release without considering the larger context, you might think that the US economy had just tanked. However, the long-term trends will give you better insights.
3. Everything Is Interrelated
In short, what happens in Asia affects Europe, the US, and other markets. Therefore, fundamental analysis can help you to anticipate what’s coming next. For example, when the Chinese stock markets take a tumble, US stocks take a hit as well.
- Portfolio Charts Tool Tests Flexible Withdrawals in Retirement — My Money Blog
- Biggest Bang For Your Buck States, 2019 | Tax Foundation
- Azure VMs with Oracle- Next Steps
- The Ten Rules of Database Administration
- With that said, I’m going to list my Ten Rules of Database Administration.
Fixing a performance problem with hardware is the best way to guarantee the return of the problem in the near future.
A Database Administrator is only as good as their last backup, (or database image, clone, flashback and other redundancy.) It’s the only protection from ID10T errors- our own and others.
The best performing database is one that has no users. The best performing query is one that doesn’t have to be executed.
Optimize what annoys the user vs. what annoys you and you’ll never have to worry about your job.
Never assume, always research and double-check/triple-check your findings. Data is the savior of the DBA.
Performance issues are rarely simple. If they were simple, the user could fix them and we’d be out of a job.
If a database is up and running, then something has changed. Don’t ever accept the answer that nothing’s changed. They’d have to be using paper and pen instead of the database.
A developer’s goal is to have an application or procedure complete requirements. Your job is to make sure the code they produce does so without risk to data, database and does so efficiently.
You can’t do your job as well as you can if you understand what the application developer, user and business does.
The database is always guilty until proven innocent and by the way, you only have access to 1/2 the case evidence. You’re it’s attorney- Congratulations.
- The Morning After: The mystery of Virginia's TV Man
- Scientists have even found microplastics in the Arctic
- Hacking 4G hotspots – when did you last update? – Naked Security
- GDPR privacy can be defeated using right of access requests – Naked Security
- FileZilla fixes show how far we’ve come since Heartbleed – Naked Security
- ‘Urgent/11’ flaws affect 200 million devices – from routers to elevators – Naked Security
- How to protect your OT Assets from Cyber Threats & Cyber Risks
- How To Discover and Protect Your OT Assets
- New Capabilities to Automatically Discover and Assess Rogue Assets
- Oracle Critical Patch Update for July Contains 265 Fixes
- Cybersecurity as a Public Service: 3 Ways Local Governments Can Change the Conversation - Blog | Tenable®
- Include cybersecurity as a key element of public safety. The cybersecurity budget line item in state government is less than 3 percent of the total IT budget, according to a 2018 study by the National Association of State Chief Information Officers (NASCIO); anecdotally, we hear that the local cybersecurity budget is often even less. Public safety is a much larger component of local budgets, in part because the public can see where their tax dollars are going in the form of more police officers and firefighters. Yet, cybersecurity is essential to keeping increasingtly internet-facing critical infrastructure safe and secure. It is a true statement that “cyber tools don’t rescue cats from trees,” so it is unlikely that they will ever be valued as highly by local taxpayers. But what if we spoke of cybersecurity in the language of public safety? For example, framing predictive prioritization of cyber vulnerabilities as an essential public safety measure — much like local governments justify the spending on tools like CompStat for law enforcement or SeeClickFix systems for community alerts — would demonstrate that public funds are being used as efficiently as those used to address violent crime and quality-of-life needs.
Make cybersecurity a community campaign. If public services go down then everybody suffers, especially the most vulnerable in society. Homebound seniors may see interruption in their remote medical devices if power is lost. Low-income residents may not be able to get to work if public transportation is interrupted. And a loss of public safety communications, such as 911 service, can lead to loss of life. All of these scenarios are acutely felt at the local level and will certainly affect a large segment of the population. Avoiding these interruptions is thus a community responsibility and can be used as justification to rally support for public campaigns to improve cyber hygiene and increase awareness of cyber threats.
Utilize cybersecurity curriculum in K-12 education in to shrink the digital divide. Internet of Things (IoT) and web-based applications to streamline service delivery are showing great promise but they also have the potential to widen the digital divide. Cities are making broadband access available to larger segments of residents but it may not be utilized equally by all. Promoting cybersecurity skills and tools in K-12 education can help close this divide by making cyber careers more accessible to a larger swath of the community, breaking down barriers of entry to IT careers and affecting multiple generations, as students instruct their parents and other family members on the importance of cybersecurity and the value of digital transformation.
- Cyber Exposure: Taking a Holistic Approach to Vulnerability Management
-
Where are we exposed?
How should we prioritize based on risk?
How are we reducing exposure over time?
How do we compare to our peers?
- 6 Security Considerations for Wrangling IoT
- 1. Team mindset: For security to become a priority, it helps to have an entire team that is invested in security. This includes everyone from the CEO and website manager to the developer. When teams and priorities are aligned, budgets and actions are built into short- and long-term goals.
2. Standardization: IoT industry standardization is needed across the board — much like the standards for browsers and websites in the early days of the Internet. Web browsers and websites have evolved a lot over the years, and we are very much in the early stages of IoT.
3. Secure the supply chain: We must hold vendors accountable, but it's not just about the device itself — supply chain partners are numerous. As we saw with Google Home Nest cameras, third-party service providers were part of the problem that allowed old owners of cameras to spy on new owners.
4. Consumer education: If more people are educated on what could go wrong, they will be more security conscious. If they're aware of vulnerabilities and issues, they can help prevent attacks. For example, as we saw with the Nest vulnerability, they can make sure their devices are set to factory settings and check for updates to systems on a frequent basis. Educating kids at an early age can also go a long way, just like they're told to not open the door to strangers. In our modern age, "safety" is still the issue, but the risks have changed. The simple task of installing an application off the Web itself can become the weakest link.
5. Secure applications that support IoT devices: We must ensure that the code and software we build for IoT is continually tested for vulnerabilities. For instance, we can pre-emptively change default passwords of devices, and also manage the patch level of the kernel software on devices to prevent exploitation of new vulnerabilities.
6. Multilayered network security: Many things can be done at the enterprise network level. Segmentation of networks can ensure that hacked IoT devices can't affect other areas of networks. Perimeter security can help ensure hackers can't see networks in the first place. Companies should also limit the ability of IoT devices to initiate network connections.
- How to Scan Websites for Interesting Directories & Files with Gobuster « Null Byte :: WonderHowTo
- The 15 Most Popular Talks from DEFCON's Hacking Conferences « Null Byte :: WonderHowTo
- How to Load Kali Linux on the Raspberry Pi 4 for the Ultimate Miniature Hacking Station « Null Byte :: WonderHowTo
- How to Set Up Network Implants with a Cheap SBC (Single-Board Computer) « Null Byte :: WonderHowTo
- 80/20 Cyber Security, Part 2—The 3 Most Critical Controls | Pivot Point Security
- 80/20 Cyber Security—How to Reduce 80% of Your Cyber Risk with 20% of the Effort | Pivot Point Security
- How to avoid and protect against medical identity theft
- Here are some things you can do right now to protect yourself against medical identity theft.
Use a VPN service
Delete receipts and prescriptions
Stop sharing everything on social media
Stop sharing your medical insurance
Pay as much attention to the security of your medical information as your SSN
Keep an eye on your credit report.
Keep your eyes open for any suspect correspondence
Start talking regularly with insurance providers.
- How to get the Organization Units (OU) and Hosts from Microsoft Active Directory using Python ldap3 | Alexander V. Leonov
- Patching or reimaging your ODA? - Blog dbi services
- Your DSLR Camera Can Be Prone To Ransomware; Here’s How
- Staffing the CISO office: A call to senior management for some expansive thinking | CSO Online
- Top 10 Python Web Frameworks – Linux Hint
- Built to scale: 5 tips for structuring your security organization for growth | CSO Online
- 87th Annual Meeting: June 28-July 1, 2019 in Honolulu - usmayors.org
- 4 signs the CISO-board relationship is broken (and 3 ways to fix it) | CSO Online
- Smishing and vishing: How these cyber attacks work and how to prevent them | CSO Online
- Black Hat keynote: Why security culture needs to change | CSO Online
- 11 new state privacy and security laws explained: Is your business ready? | CSO Online
- How Nyotron Paranoid puts endpoint security worries to rest | CSO Online
- Looking for answers at Black Hat: 5 important cybersecurity issues | CSO Online
- Network security platforms
Endpoint security consolidation?
Managed detection and response – it’s all about the people
Serverless security – the new frontier
Security analytics innovation and confusion
- Top cyber security certifications: Who they're for, what they cost, and which you need | CSO Online
- How JustEat finds and trains in-house security talent | CSO Online
- 3 Steps to Deploying a Hardened OS by Tailoring | CSO Online
- 6 lessons from Venmo’s lax approach to API security | CSO Online
- What is a CASB? What you need to know before you buy | CSO Online
- 11 top DEF CON and Black Hat talks of all time | CSO Online
- Equifax’s data breach disaster: Will it change executive attitudes toward security? | CSO Online
- 31 hardware and firmware vulnerabilities: A guide to the threats | CSO Online
- Learning the Vulnerability Management Fundamentals
- Here are six discovery questions to ask as a starting point:
Where are your business offices and network infrastructure sites, including failover and backup sites, located?
What are the key web applications, operating systems, software packages and databases supported by the IT organization?
What types of assets (IT/OT, physical, software, mobile, development) are used by the company?
Do you have an asset management tool or a database of all assets owned by the organization?
Do you use an asset and data classification policy to enforce security and access controls?
Which assets, applications and data are considered critical for the organization?
- 15 Cybersecurity Fundamentals for Water and Wastewater Utilities | WaterISAC
- The 15 fundamentals are:
Perform Asset Inventories
Assess Risks
Minimize Control System Exposure
Enforce User Access Controls
Safeguard from Unauthorized Physical Access
Install Independent Cyber-Physical Safety Systems
Embrace Vulnerability Management
Create a Cybersecurity Culture
Develop and Enforce Cybersecurity Policies and Procedures
Implement Threat Detection and Monitoring
Plan for Incidents, Emergencies, and Disasters
Tackle Insider Threats
Secure the Supply Chain
Address All Smart Devices (IoT, IIoT, Mobile, etc.)
Participate in Information Sharing and Collaboration Communities
- Protect against BlueKeep
- 5 essential controls to include in your cyber security checklist - IT Governance Blog
- How to recover from a cyber attack - IT Governance Blog
- How to make sure your cyber insurance policy pays out - IT Governance Blog
- How to Get on the Dark Web: A Step-by-Step Guide
- SECURITY ALERT: GermanWiper Ransomware Erases Your Data Even If You Pay
- How to search effectively and efficiently – Part I: basic principles, tips and tricks for OSINT – We are OSINTCurio.us
- ISO 27001 Certification Proven Process Explained! Step 8: Maintenance, Continuous Improvement and Recertification | Pivot Point Security
- ISO 27001 Certification Proven Process Explained! Step 7: Certify Your ISMS | Pivot Point Security
- ISO 27001 Certification Proven Process Explained! Step 6: Conduct an Internal Audit | Pivot Point Security
- ISO 27001 Certification Proven Process Explained! Step 5: Execute the Risk Treatment Plan | Pivot Point Security
- ISO 27001 Certification Proven Process Explained! Step 4: Build a Risk Treatment Plan | Pivot Point Security
- ISO 27001 Certification Proven Process Explained! Step 3: Identify and Analyze Information Related Risk | Pivot Point Security
- ISO 27001 Certification Proven Process Explained! Step 2: Understand Your InfoSec Controls | Pivot Point Security
- ISO 27001 Certification Proven Process Explained! Step 1: Understand Your Scope | Pivot Point Security
- 4 Reasons to Establish and Exercise Your Right to Audit Vendors | Pivot Point Security
- 3 “First To-Dos” after You Complete Your Privacy Data Mapping Exercise | Pivot Point Security
- CHIME, AHIMA push Senate on national patient identifier
- US State Comprehensive Privacy Law Comparison
- Hospital executives and HHS at odds on protecting patient data
- Google Online Security Blog: Understanding why phishing attacks are so effective and how to mitigate them
- MalConfScan with Cuckoo: Plugin to Automatically Extract Malware Configuration - JPCERT/CC Eyes | JPCERT Coordination Center official Blog
- Extract Malware Configuration with MalConfScan - JPCERT/CC Eyes | JPCERT Coordination Center official Blog
- Top Three Cross-Site Scripting Attacks You Need to Know Now
- Eight Steps to Migrate Your SIEM
- What Call Center Fraud Can Teach Us about Insider Threats
- Best Practices for Remote Workers’ Endpoint Security
- Security Operations Center (SOC): Prioritizing Log SourcesRafeeq Rehman – Personal Blog
- NBlog - the NoticeBored blog: NBlog July 20 - what is the ISMS for?
- Build Your Own Multi-Cloud Security Monitoring in 30 Minutes or Less
- A New Approach to Application Security Testing - ShiftLeft Blog
- Hacker Summer Camp 2019: What I'm Bringing & Protecting Yourself · System Overlord
- Automated ESXi Installation to USB using Kickstart
- Intro to Hardware Hacking - Dumping your First Firmware
- Top 10 Uses of Wireshark for Hackers Part I - The Ethical Hacker Network
- Manual Vulnerability Detection - The Ethical Hacker Network
- Errata Security: Hacker Jeopardy, Wrong Answers Only Edition
- Errata Security: Securing devices for DEFCON
- PHP: Supported Versions
- Brief History of Internet Wide Scanning
- Healthcare Exchange Standards: IHE Profiles on FHIR R4 now have conformance resources available
- Web con: 'How to Make Yourself Understood by the CISO and CIO'
- VA OIG report shows holes in security, privacy for patient information
- NY gov. signs two new data breach security laws
- InfoSec Women: Leaders and In Charge | CyberWatch
- Rocky Mountain Health IT Summit ~ Cyber Thoughts
- How to Become Hacker, Check you are Eligible or Not
- Infosec's Unfortunate Departure from Spaced Learning | Chris Sanders
- The Story of a Top 10 Insurance Company - Pindrop
- Azure Security Lab: a new space for Azure research and collaboration – Microsoft Security Response Center
- Command Injection Cheatsheet - HackersOnlineClub
- Your Reporting Matters: How to Improve Pen Test Reporting - Black Hills Information Security
- Publicly available Tenable .audit scripts | Alexander V. Leonov
- IBM offers explainable AI toolkit, but it’s open to interpretation | ZDNet
- Check whether laptop is running on battery or cable Using echo, eval
- Assessing Open Source Software for Industrial Use | Automation World
- Black Hat USA 2019 conference Highlights | Packt Hub
- A Fistful of Dongles: The Application Era of Digital Forensics
- Humans Are Genebots | Daniel Miessler
- We Don't Need Patches Why Organizations Don’t Patch
- 8 Ways to Encourage Cyber Security Awareness - Delta Risk
- How Cyber Security Exercises Can Keep You in Shape - Delta Risk
- What’s New in Azure Active Directory for July 2019 - The things that are better left unspoken
- Passed Microsoft Certified: Azure Solutions Architect Expert – UseIT | Roman Levchenko
- almost
- RDP vulnerability puts Hyper-V at risk | Born's Tech and Windows World
- Automating employee onboarding the PowerShell way
- Microsoft has found a way to hurt the partnership between Amazon Web Services and VMware by raising prices for customers using non-Microsoft clouds | Business Insider India
- Open Sourcing the Kubernetes Security Audit - Cloud Native Computing Foundation
- Scrum vs. kanban: Which agile framework is better? | Opensource.com
- Transport Layer Security version 1.3 in Red Hat Enterprise Linux 8
- New Bluetooth 5 Channel Hopping Reverse Engineered For Jamming And Hijacking | Hackaday
- AT&T Employees Took Bribes To Plant Malware On Company's Network | Techdirt
- Windows Kernel Information Disclosure Vulnerability CVE-2019-1125 | Born's Tech and Windows World
- CVE-2019-1125
- SDRTrunk 0.4.0 Alpha 9 Updates Highlighted
- GNU Radio 3.8.0.0 Released – First Minor Release Version in Six Years
- Testing Linux Docker Images in CloudBees CodeShip CI - via @codeship | via @codeship
- AWS Lake Formation – Now Generally Available | AWS News Blog
- Preview Release of the new AWS Tools for PowerShell | AWS News Blog
- Cannot download attachment (due to size) with mobile device on Exchange ActiveSync - The time I've wasted on technology...
- Microsoft is changing the rules of the game - robbeekmans.net
- Creating Isolated Networks with Ubiquiti UniFi · vNinja.net
- Hackers Threaten Medical IoT Devices: Here's How to Keep Them Safe
- What Is an M.2 SSD? The Pros, Cons, and How to Install One
- Where to Buy Ebooks? The Best Online Ebook Stores
- The Best Flowchart Templates for Microsoft Office
- 4 Essential Google Account Settings to Change for Better Security
- 10 Amazingly Useful Spreadsheet Templates to Organize Your Life
- The 9 Best USB Audio Interfaces for Musicians
- The Essential Ebook Converter Guide
- How to Remove the DRM on Every Ebook You Own
- Automate The Freight: When The Freight Is People | Hackaday
- Building A Safe ESP32 Home Energy Monitor | Hackaday
- Jazzberry All-In-One Computer by machineboy - Thingiverse
- Brain-Computer Interfaces: Separating Fact From Fiction On Musk’s Brain Implant Claims | Hackaday
- GitHub - nexusofdoom/lancache-installer
- Java mon amour: Openshift 4, interesting readings
- Java mon amour: OpenShift CI/CD
- Java mon amour: Openshift RedHat plugin for Intellij
- Java mon amour: SAML and JWT
- There Are 2 Times of Year You Should Never Job Hunt
- Free Up Your Hands With Speech-to-Text on Android
- Erman Arslan's Oracle Blog: Weblogic -- Disaster Recovery implementations
- The Hitchhiker's Guide to Ethical AI
- Almost half of employees have access to more data than they need
- Load balancer flaw could lead to major breaches at large organizations
- Ransomware turns its sights on large organizations
- Using Automation vs Making Automation - EtherealMind
- New Teensy 4.0 Blows Away Benchmarks, Implements Self-Recovery, Returns To Smaller Form | Hackaday
- Espionage On Display As GCHQ Hosts A Temporary Exhibit | Hackaday
- A SuperCap UPS | Hackaday
- First Look At DEF CON 27 Official Badge; Kingpin Is Back! | Hackaday
- Chris's Wiki :: blog/linux/IptablesRewriteUsingIpset
- SMEs forced to meet cybersecurity demands in order to win contracts
- The top 11 security threats to cloud computing
- The top 11 in order of significance are:
Data Breaches
Misconfiguration and inadequate change control
Lack of cloud security architecture and strategy
Insufficient identity, credential, access and key management
Account hijacking
Insider threat
Insecure interfaces and APIs
Weak control plane
Metastructure and applistructure failures
Limited cloud usage visibility
Abuse and nefarious use of cloud services
- Biggest ransomware threat is encryption of shared cloud files
- 3 ways IoT will impact our future
- Chris's Wiki :: blog/unix/NoSwapConsequence
- Half of companies won't move mission critical workloads to the cloud
- DIY Embroidery Machine V2 | OpenBuilds
- Build an ESP8266 web server – Code and schematics (NodeMCU) « Dangerous Prototypes
- The 5 Elements of Effective Thinking by Edward B. Burger and Michael Starbird
- Occasionally go back to the basics
Plan to fail
Before getting started, make sure you are asking the right question
- Supercell cloud - Japan Today
- VMworld 2019 - Preflight Checklist - VirtuallyInclined.com
- Monitoring Kubernetes with Wavefront via Proxy Chaining - CormacHogan.com
- How to Create a RAM Disk on Windows Server? | Windows OS Hub
- Sysdig Secure 2.4 Announced - The IT Hollow
- Patch Lady – we have another Spectre/Meltdown @ AskWoody
- The End-All Guide to Repairing Active Directory Trust Relationships
- Finding the last time your domain controller backup happened
- Intro to Black - The Uncompromising Python Code Formatter - The Mouse Vs. The Python
- RV Offsite Backup Update | Linux Journal
- Security scanning your DevOps pipeline | Opensource.com
- Python Celery Guide | Codementor
- How to scan your Docker installment with docker-bench-test - TechRepublic
- France Says Ransomware Attacks on Big Companies Are on the Rise - Bloomberg
- Seven Concerns Open Source Should Worry About - Part 1 | ConsortiumInfo.org
- From Linux to cloud, why Red Hat matters for every enterprise | ZDNet
- Get going with EtherCalc, a web-based alternative to Google Sheets | Opensource.com
- Explainer: What is post-quantum cryptography? - Linux Security - Cryptography
- The Spend Safely in Retirement Strategy
- An Ansible reference guide, CI/CD with Ansible Tower and GitHub, and more news | Opensource.com
- Top 20 Best Cybersecurity Courses That You Can Sign Up Now
- What's your favorite open source BI software? | Opensource.com
- Managing Risk in the Supply Chain
- 8chan owner blasts 'sinister' shutdown - Japan Today
- Google, Money and Censorship in Free Software communities | DanielPocock.com
- Original Cult of the Dead Cow Members Keep it "Wacky, Weird, and Wild" to Celebrate Joseph Menn's Newest Book | Electronic Frontier Foundation
- Top 20 Best Bioinformatics Tools for Linux: An Ultimate Collection
- Manage your passwords with Bitwarden and Podman - Fedora Magazine
- 24 sysadmin job interview questions you should know | Opensource.com
- A new tool for measuring continuous learning | Opensource.com
- Announcing coreboot 4.10 – coreboot
- Linux with a 30-year lifespan | Joinup
- Top 20 Best Raspberry Pi Projects That You Can Start Right Now
- Web server security – Part 0: How to start · InfoSec Handbook – information security blog
- How to Use Binder and Python for Reproducible Research - Erik Marsja
- Excellent Free Books to Learn Java - LinuxLinks
- The Growing Threat of Targeted Ransomware | SecurityWeek.Com
- Assessing-Medical-Device-Cyber-Risks-in-a-Healthcare-Environment.pdf
- Freedombone version 4.0 | Freedombone Blog
- The Definitive Guide to Centralized Logging with Syslog on Linux
- An Open Hardware Rubber Ducky | Hackaday
- Fernando Corbato: Scientist who fostered the digital revolution and the computer password | The Independent
- 3 tools for doing presentations from the command line | Opensource.com
- Top 15 Best Linux Log Viewer & Log file Management Tools
- Preliminary Observations on the Utility of Measuring Cybersecurity - Lawfare
- Excellent Free Books to Learn PHP - LinuxLinks
- Using Metrics to Guide Container Adoption, Part I – Red Hat OpenShift Blog
- U.S. GAO - Cybersecurity: Agencies Need to Fully Establish Risk Management Programs and Address Challenges
- U.S. GAO - Federal Information Security: Agencies and OMB Need to Strengthen Policies and Practices
- Disks and Partitions Management with Windows PowerShell | Windows OS Hub
- Azure Dedicated Host for your Azure VMs - Thomas Maurer
- Three Companies Bringing Innovation to Open Keyboards | FOSS Force
- How to Build PowerShell Functions for Easier Pester Testing
- Vagrant – creating Virtual machine | geekdudes
- How to Setup Travis for Quick Ansible Playbook CI | hobo.house
- NHS: The Long-Term Plan
- German schools ban Microsoft Office 365 because of privacy concerns
- The History Of Computing: The Xerox Alto - krypted
- 65 percent of cybersecurity analysts say they've considered quitting
- Microsoft's web-based Outlook 365 is leaking users' IP addresses in emails
- Businesses still at risk from outdated operating systems
- 66 percent of SMBs don't believe they’re vulnerable to a cyberattack
- Confessions of a paranoid DEC Engineer: Robert Supnik talks about the great Dungeon heist! – Virtually Fun
- Looking inside a 1970s PROM chip that stores data in microscopic fuses « Dangerous Prototypes
- Building a bluetooth DAC with Raspberry Pi Zero W « Dangerous Prototypes
- Quote Details: Bertrand Russell: In all affairs it's... - The Quotations Page
- Watergate Salad: A Fluffy Green Bite Of Washington, D.C.'s Past : The Salt : NPR
- An Introduction to Structured Data at Etsy - Code as Craft
- ESP32 with DHT11/DHT22 Temperature and Humidity Sensor using Arduino IDE | Random Nerd Tutorials
- Getting Started With the ESP8266 and DHT22 Sensor
- Continuous Integration/Continuous Development with FOSS Tools | Linux Journal
- Automated Report Generation with Papermill: Part 2 - Practical Business Python
- Automated Report Generation with Papermill: Part 1 - Practical Business Python
- Three ways automation can help service providers digitally transform
- EPIC - Capitol One Breach Sets Record
- RTL-SDR: Seven Years Later | Hackaday
- Ansible: IT automation for everybody | Enable SysAdmin
- Log management: Helping IT admins to achieve infrastructure-wide visibility
- USENIX ATC 2019: A retargetable system-level DBT hypervisor, an I/O scheduler for LSM KVs, and more | Packt Hub
- Syslog : The Complete System Administrator Guide – devconnected
- What We Can Learn from the Capital One Hack — Krebs on Security
- 5 experimental cybersecurity trends your business needs to know about - TechRepublic
- Buttercup is an open source password manager for Windows, macOS, Linux, - gHacks Tech News
- 6 Challenges In Using Open Source Cybersecurity Tools
- Open Source Licensing and Turkish Law - Lexology
- 85% Of Total Bitcoins On Earth Have Already Been Mined, What's Next?
- AWS Certified Solutions Architect - Associate (2019) | Exam Experience - CHRIS STARK
- Chemical or Mineral Sunscreen? What To Know About Current Sunscreen Research : Shots - Health News : NPR
- What’s new in Java13?
- Java mon amour: No suitable client certificate could be found - continuing without client authentication
- DSHR's Blog: Blockchain briefing for DoD
- DSHR's Blog: Emulation as a Service
- The Life of Kenneth: Building Your Own Bluetooth Speaker
- Retired Certifications and Exams | Certification Policy - vmw-certification-retired-exams.pdf
- IT'S SO HOT OVER HERE. WE'RE MELTING. SEND HELP. - Raspberry Pi
- Performance Analysis Methodology - YouTube
- How to write great container images - Ricard Bejarano
- What is the common wire in electrical wiring? - The Silicon Underground
- What the Shuck is Going on Here?! - briancmoses.com
- SalesForce.Org Study: 40% of Nonprofits Planning To Integrate AI for Marketing | Beth's Blog
- The new 30-person research group in DC investigating how emerging technologies could affect national security - 80,000 Hours
- A Beginner's Guide to AWS CloudWatch (Walkthrough)
- Learn How to Code or Else: An IT Pro Guide
- Using PowerShell to copy to the clipboard (Core support too!)
- Step-by-step guide on how to set up WinRM on a Linux client
- Managing and automating AWS EBS snapshots (PowerShell)
- How to find Active Directory admin accounts authenticated by RODCs
- How to create a Chocolatey package (tutorial)
- Using the Invoke-DscResource cmdlet (no configuration needed)
- Discover Active Directory database size with PowerShell
- Under The Stairs: The End Of My Era
- Azure Security Center: How to Protect Your Datacenter with Next Generation Security | Robert Smit MVP Blog
- Deduplicating NTFS file systems (fsdup) - Philipp's Tech Blog
- When Redundancy Actually Helps - Marc's Blog
- 1. The complexity added by introducing redundancy mustn't cost more availability than it adds.
2. The system must be able to run in degraded mode.
3. The system must reliably detect which of the redundant components are healthy and which are unhealthy.
4.The system must be able to return to fully redundant mode.
- HOWTO: Disable weak protocols, cipher suites and hashing algorithms on Web Application Proxies, AD FS Servers and Windows Servers running Azure AD Connect - The things that are better left unspoken
- Solution for the SMB1 AD Authentication issue – ESXi 6.5U3 update | Techbrainblog
- How To Encrypt Data In Amazon S3
- HOWTO: Disable Unnecessary Services and Scheduled Tasks on Windows Servers running Azure AD Connect - The things that are better left unspoken
- Managing Active Directory Time Synchronization on VMware vSphere - The things that are better left unspoken
- HOWTO Enforce Azure AD Connect to use TLS 1.2 only - The things that are better left unspoken
- Building Azure policies to ensure compliance
- Security and Compliance in Microsoft Teams Video Series - Tom Talks
- Updating List of Trusted Root Certificates in Windows 10/8.1/7 | Windows OS Hub
- How to increase local datastore from the command line (using SSH) for ESXi 6.7.0 – Welcome to my blog
- Writing sustainable Python scripts | Vincent Bernat
- How To Automate NetApp Installations with Ansible
- Microsoft deactivates VBScript in IE as of August 2019 | Born's Tech and Windows World
- Cisco Live – The Minimalist Packing List | Herding Packets
- Conference Packing – The Little Things | The Networking Nerd
- Bond WiFi and Ethernet for easier networking mobility - Fedora Magazine
- Start a new git repository
- 2019 is the year of NVMe - Architecting IT
- Quick tip: uninstall a driver | >_
- Get-WindowsDriver -Online |
Where {$_.Version -eq '10.1.1.40'} | Foreach-Object {
pnputil.exe /delete-driver $_.Driver /force
}
- From the iPhone to Huawei: The New Geopolitics of Technology - Lawfare
- Computing and storage, both of which will increasingly migrate to remote servers (the “cloud”), bringing down the cost and increase the scale of data storage. This could have potential implications for security and communications, especially features such as distributed record-keeping (blockchain) and new developments in data storage.
Telecommunications, specifically the developments of a fifth generation (5G) of infrastructure, which may operate up to 20 times faster than existing systems, with low latency (delay in data communication). This will enable a vast array of applications, including driverless cars and machine-to-machine communications.
Artificial intelligence, specifically machine learning, which involves fast and accurate pattern recognition by feeding vast troves of data to computers in order to “teach” them. This can then be applied to language, visual imagery, and other domains to resemble a form of intelligence.
Automation, including the online integration of physical objects: cyber physical systems (CPS) or the “internet of things” (IoT). Think health monitors, remotely-managed factory robots, or internet-enabled security systems.
Manufacturing, including in materials, optics, sensors, and additive manufacturing (“3D printing”).
Energy, particularly renewable and mobile energy sources and smarter management systems.
- Unlocking Market Forces to Solve Cyber Risk - Lawfare
- Database Migration from non-CDB to PDB - Various Pitfalls
- Version 19.2 is now available – ThatJeffSmith
- Database Migration from non-CDB to PDB - The Patch Level Pitfall
- VMware Snapshots: vRealize Orchestrator SSL Certificates
- I'm going all-in on Serverless at AWS! :-) - WoodITWork.com
- VMware Snapshots: vRealize Orchestrator SSL Certificate
- Virtual Machine Compute Optimizer
- Demystifying IO Operation Readouts in ESXi | Cody Hosterman
- Amplify Framework Update – Quickly Add Machine Learning Capabilities to Your Web and Mobile Apps | AWS News Blog
- Synology Memory Issues and Crashing - The time I've wasted on technology...
- Make Sure Your SQL Servers are Running the Latest CU with the New SQL Assessment cmdlets | SQLvariations: SQL Server, a little PowerShell, maybe some Power BI
- Database Migration from non-CDB to PDB - Typical Plugin Issues and W/A
- Database Migration from non-CDB to PDB - The COMPATIBLE pitfall
- Database Migration from non-CDB to PDB - The Time Zone Pitfall
- Database Migration from non-CDB to PDB - The Component Pitfall
- Oracle Database Proactive Patch 12.1.0.2.190716 failing with ORA-04068 ORA-04061 ORA-04065 - DBA - Rodrigo Jorge - Oracle Tips and Guides
- Programmer Uses "Logic Bomb" To Fool Company Into Rehiring Him Every Few Years
- Soft Skills Every Team Leader Should Have – Business Ideas
- How to Install Kanboard Project Management Software on Debian 10
- 7 Python Machine Learning Modules To Get Acquainted With - krypted
- Top Modern Data Warehouse questions | James Serra's Blog
- Happy Sysadmin day 2019 | Born's Tech and Windows World
- BlueKeep is almost here. If you haven’t installed Win7/XP patches since May, get your systems patched! @ AskWoody
- Bluetooth privacy and the FreeStyle Libre 2 glucose monitoring system | Ctrl blog
- Is AWS passing on the benefits of storage media price reductions? - Architecting IT
- Windows 7: Support ends in 6 months | Born's Tech and Windows World
- Update history of .NET Framework patches | Born's Tech and Windows World
- BlueKeep warning: Exploit might come soon? | Born's Tech and Windows World
- PowerShell Tutorial Mini-Course (Free)
- Create a PowerShell script to monitor SQL services
- An Active Directory user is locked out: don't panic! Use PowerShell
- Hi, I'm Dave and this is how I work
- How to remove Windows 10 apps with PowerShell (tutorial)
- Using WMI in PowerShell the easy way
- AWS X-Ray: Peering into Microservices built in AWS
- Using PowerShell to escape double quotes and all things strings
- Impress the boss with this basic PowerShell Windows Update report
- Building a PowerShell script from existing docs
- Cheat.sh Shows Cheat Sheets On The Command Line Or In Your Code Editor - Linux Uprising Blog
- How to earn a promotion as a sysadmin | Enable SysAdmin
- Top Cloud Compliance Software Tools
- Listen to Music through the Ubuntu Terminal
- Wielding PowerShell with file shares: Getting started
- The Cyberlaw Podcast: Illuminating Supply Chain Security - Lawfare
- The Cyberlaw Podcast: What It’s Like to Live Through a Big Data Breach - Lawfare
- Attorney General William Barr on Encryption Policy - Lawfare
- The Sorry State of Cybersecurity Imagery - Lawfare
- What can we learn from recent ransomware news? | Data Protection: Avamar, NetWorker, Data Domain, RecoverPoint, Power Protect, CSM
- Use PowerShell to test a remote connection (a tutorial)
- Infrastructure testing with Pester: from the trenches
- How to use PowerShell to create scheduled tasks
- Here's how SRPs (Software Restriction Policies) work (tutorial)
- How to import an OVF file in VMware with PowerShell
- The unforeseen benefits of scripting and automation
- How to Transfer File Permissions with PowerShell
- How to check your PowerShell version (all the ways)
- How to check for a pending reboot (automated with PowerShell)
- Frankenstein at 200 - Lawfare
- Hiiro: A Modern Bizen-Yaki Water Carafe | Spoon & Tamago
- Bizen-yaki
- How To Check Swap Usage Size and Utilization in Linux - nixCraft
- How to Speed Up Package Downloads and Updates with apt-fast on Ubuntu
- Setting up a JMeter Cluster for web server load testing
- IT Burnout – The Task List | The Networking Nerd
- How to Use Topgrade to Easily Upgrade Your Linux System - Make Tech Easier
- CISSP Process Guide - Fadi Sodah (madunix) | ThorTeaches CISSP, CISM & CISA
- Sunflower notes - CISSP - Maarten de Frankrijker | ThorTeaches CISSP, CISM & CISA
- The memory palace – Prashant Mohan | ThorTeaches CISSP, CISM & CISA
- SQL Server 2019 availability group R/W connection redirection, routing mesh and load balancing - Blog dbi services
- How to Stay Ahead of the Competition – Running Your Business
- Video : Oracle Linux 8 Installation | The ORACLE-BASE Blog
- Moving your SQL Developer preferences between machines – ThatJeffSmith
- Data in a Flash, Part IV: the Future of Memory Technologies | Linux Journal
- On a Budget: Best Ways to Cut Back on Costs As a Single, Working Mother | Penniless Parenting
- ICND1 & ICND2 » Connect Python to GNS3 for Automation in Win10
- Which Households Spend More, Less, or Exactly What They Earn? Breakdown by Income Level — My Money Blog
- The power of focus: Why you should tackle one goal at a time
- Negotiation Skills You Should Cultivate – Entrepreneurs
- vSphere 6.7 Update 2 Upgrade Guide - VirtuallyInclined.com
- Building a Modern CI/CD Pipeline in the Serverless Era with GitOps | AWS News Blog
- United State's DMARC Status script X-Post /r/Sysadmin : netsec
- Test your Windows Server 2016 configuration with PowerShell
- Bulgarian tax agency breach may have compromised 5 million people
- Build a PowerShell menu that'll blow your users' socks off
- The PowerShell parameter demystified and uncovered
- Backup as a Service - Architecting IT
- On-premises infrastructure - as a service - Architecting IT
- Equifax reportedly close to $700 million data breach settlement
- I Was A 10x Engineer. And I’m Sorry. | The Networking Nerd
- =
- ICND1 & ICND2 » OSPF Sim
- ICND1 & ICND2 » OSPF Neighbor Sim
- Erman Arslan's Oracle Blog: OBIEE -- Strange error & Interesting Solution "You cannot publish to the Apps Library because you do not have write permission on the /Apps folder in catalog."
- Best Practices for Oracle Data Guard on Azure – DBAKevlar
- “Cadillac Tax,” While Likely Repealed, Would Control Health Care Costs
- it would tax $0.40 of every dollar of health insurance benefits over $11,200 for individuals and $30,150 for families. According to Kaiser Family Foundation, in 2018, average annual premiums for individuals were about $7,000, and about $20,000 for families.
- Unison: Your Home Has a ~30% Chance of Being Worth Less in 5 Years — My Money Blog
- Whats a SQL Notebook in Azure Data Studio? | SQL DBA with A Beard
- Don't buy a new car without this cheat sheet!
- 3 Areas to Start Freelancing on the Right Foot: Communication, Invoicing and Learning – Business Ideas
- Learning Docker Image Layers and Cache Best practices – Virtual Me
- Druva – In The Cloud, Of The Cloud, Protecting The Cloud | PenguinPunk.net
- AWS Named as a Leader in Gartner’s Infrastructure as a Service (IaaS) Magic Quadrant for the 9th Consecutive Year | AWS News Blog
- The Four Horsemen of the Appocalypse | Data Protection: Avamar, NetWorker, Data Domain, RecoverPoint, Power Protect, CSM
- Apathy: It doesn’t matter if this application is old, we’ll just let the requirements of the legacy application define what we can or can’t do within the business. I perhaps saw this best when new Windows laptops had to be forcibly downgraded to 32-bit versions because a critical business desktop application was 16-bit and incompatible with 64-bit versions of the OS. This caused a plethora of other challenges, but hey! the 16-bit application kept on ticking.
Procrastination: Let’s leave it another year and see if the problem goes away. (Narrator’s voice: It won’t.) This is the “kicking the can down the road” solution. It’s not quite the same as apathy. Whereas apathy will result in delays on new systems upgrades or functions, procrastination will lead to some upgrade, at some point, being done, and chaos erupts! as the legacy application ceases to be accessible.
Budget: We’d get to this if we have the money. But it’ll cost $X to fix it and we don’t have that money. Meanwhile, flagellate the IT department for having to pay a 30% increase in maintenance fees on end of service life equipment, and ignore the soft costs of people spending endless amounts of time keeping equipment and systems on life-support.
Emulation: Virtualise it and make it go away. More recently, that can also mean containerise it and make it go away. (Maybe the next step will be legacy production applications running in WINE?)
- How to convert an employee handbook to SharePoint library with metadata - SharePoint Maven
- Planning a cloud migration? Get your identity privileges in check first
- Tech Debug » Sunscreen – Does it really help?
- Chris's Wiki :: blog/sysadmin/SwitchesAndPowerGlitch
- Active Directory Administrator ‘Backdoor’ | Born's Tech and Windows World
- The king of dal | Seth's Blog
- LEGO-Based Robot Arm With Motion Planning | Hackaday
- Steganography: The Art of Concealing
- Post Archive - Ohio InfoSec Forum
- Inside the IT industry’s largest commercial open source software ecosystem - Technology, Tech, Red Hat, Open Source, Business, Society - Comms MEA
- Are Open Source Active Path Testing Tools Viable for You? | Insight for the Connected Enterprise
- What Is Open-Source Software? (+The Benefits and Risks)
- ThoughtWorks Releases Taiko - A Free and Open Source Browser Automation Tool
- Swimlane research team open sources pyattack | Swimlane
- Computer password inventor Fernando Corbato dies at 93
- Fernando "Corby" Corbato
- Two Years After WannaCry, NHS Still Not Properly Safeguarded Against New Attacks - Security Boulevard
- Cyberattack shuts down La Porte County government systemsSecurity Affairs
- CVE-2019-1132 Win 0Day used by Buhtrap Group in government attackSecurity Affairs
- CVE-2019-1132
- Executives’ Changing Views on Cybersecurity - Security Boulevard
- Healthcare Needs Cybersecurity Pros that Anticipate What Threat Actors Will Do Next [Q&A with Dr. Rebecca Wynn] - Security Boulevard
- Matrix Medical Network
- Top 10 Best Cyber Security Podcasts of 2019 - Security Boulevard
- Thirty-four years - Building out Disaster Recovery (Part 6)
- Thirty-four years - System Administration, Backups, and Data Centers (Part 5)
- GDPR Bares Its Fangs: €315 Million in Penalties over Just Three Days - Security Boulevard
- Fire Up Your Cyber Security Career with These 9 Job-Related Tips - Hashed Out by The SSL Store™
- Hack the Box (HTB) machines walkthrough series — YPuffy - Security Boulevard
- "Glass-box" Solutions Are Critical For Cybersecurity Reporting To Executive Management - Security Boulevard
- What is Shadow IT? - Security Boulevard
- How Do Your Cyber Exposure Practices Stack Up to Those of Your Peers? - Blog | Tenable®
- Cybersecurity: Malware lingers in SMBs for an average of 800 days before discovery - TechRepublic
- the time between an attack penetrating a network's defenses and being discovered—ranged from 43 to 895 days for SMBs, the report found. The average dwell time for confirmed, persistent malware was 798 days. Dwell time for riskware—including unwanted applications, web trackers, and adware—averaged 869 days.
- Wannacry ransomware attack: Industry experts offer their tips for prevention - TechRepublic
- Zero Day Initiative — The July 2019 Security Update Review
- Cheat-Sheets — Malware Archaeology
- deploying-security-onion-for-monitoring-hids.pdf
- 5 Tips to Create an Effective Information Security Management Committee (ISMC) | Pivot Point Security
- Major Security Risks and Mitigation Strategies for 2019Rafeeq Rehman – Personal Blog
- Rifiuti2 - Windows Recycle Bin Analyser
- Cloud Security Audit - A Command Line Security Audit Tool For Amazon Web Services
- Commando VM v1.3 - The First Full Windows-based Penetration Testing Virtual Machine Distribution
- Install Kubernetes on Windows 10 Professional | geekdudes
- Trial period reset of Visual Studio Community Edition – Dimitri's Wanderings
- Is insurance coverage for cyber claims barred by a war exclusion?
- Automatically Build Kali VM’s in VirtualBox – JerryGamblin.com
- Documentation required by ISO 27001 - IT Governance Blog
- To use ITIL 4 or not use ITIL 4, that is the question - IT Governance Blog
- The GDPR: Preparing your organisation for DSARs - IT Governance Blog
- How to handle a ransomware attack - IT Governance Blog
- How should you investigate a data breach? - IT Governance Blog
- Infosecurity.US - Web Log - Nearly Thirty Percent Of Most Popular VPNs Worldwide Owned By Hidden Chinese Organizations
- ShowMeCon 2019 20 TLSv13 Minor Version Major Changes John Wagnon - YouTube
- How a decentralized cloud model may increase security, privacy | CSO Online
- How to bridge the cyber-risk management gap | CSO Online
- Certain Anesthesia Devices Have Vulnerabilities: Researchers
- Researchers Disclose Vulnerability in Siemens' ICS Software
- An Introduction to API Based Documentation Automating - EvilTester.com
- U.S. Coast Guard Issues Alert After Ship Heading Into Port Of New York Hit By Cyberattack
- Combating WannaCry and Other Ransomware with OpenZFS Snapshots - iXsystems, Inc. - Enterprise Storage & Servers
- The Prehistory of the Computer - krypted
- McAfee Endpoint Security blocks Windows login | Born's Tech and Windows World
- Tomato and Watermelon Salad, Easy, Vegan, Paleo, and Delicious | Penniless Parenting
- Why application security should be a key part of development [Q&A]
- Hyperconvergence Performance Testing | ESX Virtualization
- VMware vRealize – Operations Without Operators | PenguinPunk.net
- Building a Multi Regional Web Application with Azure Front Door - Cloud for the win!
- Performance Hub in Oracle Autonomous Database – ThatJeffSmith
- GIS on Linux with SAGA | Linux Journal
- JSON and XML: How Do They Compare? - via @codeship | via @codeship
- Three key checklists and remedies for trustworthy analysis of online controlled experiments at scale – the morning paper
- Empathy, Applications, User Experience. | Tallan Blog
- Top 10 Tools in My Personal Learning Environment 2019
- The $50,000 an hour gate agent | Seth's Blog
- Java mon amour: Java JSSE SSL flags
- Write a Novel with Open Source Tools » Linux Magazine
- How to be an IT rock star - Cliff Saran’s Enterprise blog
- Preserving Laptop Stickers on MacBooks - Graham Stevens – Grh.am
- SQL SERVER – Security Conversations and Notes with a DBA – it's notes
- Chris's Wiki :: blog/sysadmin/YubikeyMostlyDropped
- The 10 Top GUI Tools for Linux System Administrators
- RHEL 8 enables containers with the tools of software craftsmanship
- Building a computer - part 1
- German data protection organization: use of Office 365 in schools is illegal – Nextcloud
- MTTR is dead, long live CIRT | Opensource.com
- Why virtualize Domain Controllers? - The things that are better left unspoken
- Sizing Domain Controllers correctly on VMware vSphere - The things that are better left unspoken
- Microsoft Putting Patent Traps Inside Linux While Blackmailing Companies Using Patents Associated With These Traps | Techrights
- Customising an ESXi Image Profile
- Azure VM vs Disk vs Costs, Does Size matter ? or a Higher price for better specifications #Azure #Storage #Performance | Robert Smit MVP Blog
- On PASCAL - krypted
- Microsoft Security Update Summary (July 9, 2019) | Born's Tech and Windows World
- What you should measure on your database storage and why - Blog dbi services
- Storage performance benchmarking with FIO - Blog dbi services
- Microsoft surreptitiously adds telemetry functionality to July 2019 Win7 Security-only patch @ AskWoody
- Cloud Services - Build, Buy or Fork? - Architecting IT
- Automating PowerShell Universal Dashboard Installation in Azure
- 4 Reasons Why SOC Superstars Quit
- Vulnerability Found in GE Anesthesia Machines
- Industry Insight: Checking Up on Healthcare Security
- Monroe College Hit with Ransomware Attack
- British Airways faces record £183 million GDPR fine after data breach
- Learn Everything There is to Know about Testing PowerShell Scripts
- The most magnificent thing about Vulnerabilities and who is behind the magic | Alexander V. Leonov
- Marriott Faces $124 Million GDPR Fine in UK
- Microsoft Patches Zero-Day Vulnerabilities Under ...
- 32 Active Directory Scripts to Automate Anything
- 10 tips for reviewing code you don't like - Red Hat Developer Blog
- Happy 20th Birthday SAP Linux Lab! - SUSE Communities
- A Complete History of Computers: From the 1800s to Now
- I’ve Been Reading Books Wrong | levlaz | лев | 列弗
- Steve Jobs Magically Saved Apple By “Casting Spells”: Bill Gates
- Serverless: The Minimilism Mindset - WoodITWork.com
- Assumptions | Oracle Scratchpad
- Yes you can! Submitting an InfoSec CFP | CyberWatch
- Book Review: The Spy in Moscow Station
- Linux for Pentester: git Privilege Escalation
- Croatia government agencies targeted with news SilentTrinity malwareSecurity Affairs
- SilentTrinity
- Chris's Wiki :: blog/linux/SoftwareRaidClearingDiskErrors
- Howto create a Debian 9 preview as Vagrant box with Packer
- DarkScrape - OSINT Tool For Scraping Dark Websites
- Story – Packet Loss and Failing 10Gbps SFP+ Optic
- Raspberry Pi: Combine a Raspberry Pi with up to 4 Raspberry Pi Zeros for less than US$50 with the Cluster HAT - NotebookCheck.net News
- Essential Eight Maturity Model | Cyber.gov.au
- 10 Types of Phishing Attacks and Phishing Scams - Hashed Out by The SSL Store™
- Pi4 not working with some chargers (or why you need two cc resistors) – The blog of Tyler Ward (aka scorpia)
- How to design a proper USB-C™ power sink (hint, not the way Raspberry Pi 4 did it)
- How many kinds of USB-C™ to USB-C™ cables are there? — Benson Leung
- Patch OBIEE the quicker way - with OPatch napply
- How to find expensive, inefficient and long running LDAP queries in Active Directory | Ask Premier Field Engineering (PFE) Platforms
- CERN Computer Security Information
- unclass-faq_dodroot_cert_chaining_issue.pdf
- CISSP 16-week Study Guide, Resources, and Links to Source Documents : cissp
- Study Notes and Theory - A CISSP Study Guide
- 1230_DISAs_Application_Security_and_Development_STIG_How_OWASP_Can_Help_You-Jason_Li.ppt - DISAs_Application_Security_and_Development_STIG_How_OWASP_Can_Help_You-Jason_Li.pdf
- Design and Development of a Web-Based DOD PKI Common Access Card (CAC) Instruction Tool
- Microsoft Word - Section Dividers.doc - 2012pki.pdf
- Passed, Thank You. : cissp
- Remediate Specific Cipher and TLS/SSL Vulnerabilities in Windows | RainingForks Tech Blog
- UK Forensics Firm Paid Ransom in Cyberattack
- Secure Oracle database binaries by updating JDK – Geodata Master
- CPSC 4660
- PowerPoint Presentation - TueAM2_2_CMMI.pdf
- Index of /~grewe
- Ten Strategies of a World-Class Cybersecurity Operations Center - pr-13-1028-mitre-10-strategies-cyber-ops-center.pdf
- Want to Raise Successful Kids? Science Says Do These 5 Things Every Day | Inc.com
- mdctf
- Why Cybersecurity Threats in Medtech are Really Scary | MDDI Online
- Steve Abrahamson
- Common Access Card (CAC)
- CAC Overview
- DoD PKI and KMI Token Protection Profile (Medium Robustmess), Version 3, 22 Mar 2002 - PP_PKIKMI_TKN_MR_V3.0.pdf
- Study resources | ThorTeaches CISSP, CISM & CISA
- Developer Resources
- Medical Device Security: The CISO’s View - HealthcareInfoSecurity
- Jennings Aske
- Securing Remote Desktop (RDP) for System Administrators | Information Security Office
- Dangerous States of Mind – SafeStart
- The Packer, The Windows, and the Vagrant box
- How To Design A Quick Reference Card
- 10. Virtualization with KVM
- CVE security vulnerability database. Security vulnerabilities, exploits, references and more
- Ansible vs. Terraform: Fight! - Linux Academy Blog
- NVD - Data Feeds
- Why Healthcare CIOs Are Embracing the Cloud
- 1. Communication With Patients
2. Collaboration with Physicians
3. Scalability for Growth
4. Data Recovery
5. Research Opportunities
6. Compliance
- Boscloner Next-Gen RFID Testing
- The Purdue model for Industrial control systems - Industrial Cybersecurity
- 2018-Present - dpmilroy
- Ten User
- Pavilion Data Systems Overview | PenguinPunk.net
- VMWare vSphere 5.5 - Showing incorrect information in vSphere Web Client - The time I've wasted on technology...
- Script Compare Server Configurations
- Script Compare DHCP Server Settings with PowerShell DHCP Cmdlets
- VM Become Unresponsive During vMotion. – VMwareMinds
- Microsoft Word - nessus_compliance_checks (2).docx - nessus_compliance_checks.pdf
- 3 Tips for Enterprise Patch Management
- I Feel Stupid Doing This but It Helps When Presenting
- Report: UK's Largest Forensics Firm Pays Ransom to Attacker
- Introducing Kvasir - Cisco Blog
- TIP: List of Undocumented WUAUCLT Command Parameters - System Center Central
- Windows Update WUAUCLT Command Line Switches » Technology & MSG » Blog Archive
- PowerShell script help for Windows Update
- The Skills Needed to Combat Today’s Cybersecurity Threats - Security Boulevard
- Some notes on the Raspberry Pi - Security Boulevard
- Top 30 Security Auditor Interview Questions and Answers for 2019
- The Top 10 Linux Kernel Vulnerabilities You Should Know
- Are We in a Cyberwar? Yes, Say Many IT Security Pros - Security Boulevard
- Employee Attack Likelihood: The Hidden Indicator Nobody Talks About - Security Boulevard
- The 7 Deadly Privileged Accounts You MUST Discover, Manage and Secure - Security Boulevard
- Deriving value from the MITRE ATT&CK Threat Model - Security Boulevard
- Top 4 Things to Tell New Hires About Cybersecurity - Security Boulevard
- A basic question about TCP - Security Boulevard
- Ransomware Attack Encrypts Medical Records at Australian Hospital - Security Boulevard
- OODA and Cybersecurity - Security Boulevard
- Cybersecurity Dashboards That Empower Decision Making
- Ransomware Attacks Becoming are More Widespread, Destructive and Expensive - Security Boulevard
- The Five Most Startling Statistics from this 2019 Global Survey of 1,200 Cybersecurity Pros [Infographic] - Security Boulevard
- Kubernetes Security Best Practices to Protect Your Cloud Containers -
- HCISPP or CISSP? What’s the Difference and Which Is Best for You? - Security Boulevard
- Jeff Man Chats about His NSA Origin Story and the State of Cybersecurity Today - Security Boulevard
- Ransomware forces Michigan medical practice to close shop - Security Boulevard
- Best Practices for Automation in Cyber Security
- NYDFS Implementation Grace Period Marks Strengthening Of Vendor Security - Security Boulevard
- Carbon Black Report Indicates Industries Most Targeted For Cyber Attack - Security Boulevard
- Healthcare Industry Remains Cybersecurity Laggard - Security Boulevard
- Is FedRAMP Criticism Fair?
- Internal Audit and IT: Joining the Same Cybersecurity Team - Security Boulevard
- Cloud Security Myth vs. Fact #1: My Provider Protects My Data - Security Boulevard
- Security that Doesn’t Slow You Down - Security Boulevard
- GDPR Business Benefits Beyond Just Compliance - Security Boulevard
- Part of the IT Career Energizer podcast - Thomas Maurer
- Load Balance IIS with Microsoft ARR | PeteNetLive
- Lessons in Vendor Lock-in: Google and Huawei | Linux Journal
- Wesng - Windows Exploit Suggester
- Understanding Key Management Policy – Part 2 - Gemalto blog
- Understanding Key Management Policy – Part 1 - Gemalto blog
- RobbinHood Ransomware Demands Grow $10K Per Day after Fourth Day - Security Boulevard
- Trends in Cyber Attacks Over the Last 15 Years by Bill Crowell - Security Boulevard
- Ransom amounts rise 90% in Q1 as Ryuk increases - Security Boulevard
- Why Every Leadership Meeting Should Include a Cybersecurity Update
- PKI: Why it’s as relevant today as it was 10 years ago - Security Boulevard
- Third Party Security Risks to Consider and Manage - Security Boulevard
- Navicent Health Discloses Data Breach as the Result of a Digital Attack - Security Boulevard
- Treating security like safety: What the FDA’s recognition of UL 2900-2-1:2018 means for developers - Security Boulevard
- 5 Minute Guide: The NYDFS 500 Cybersecurity Regulations - Security Boulevard
- Part Two: How Healthcare Cybersecurity Can Enable Innovation
- How Healthcare Cybersecurity Can Enable Innovation
- A Battle-Cry for Oracle EBS Security - Security Boulevard
- Programming languages infosec professionals should learn - Security Boulevard
- Why your development team should care about software compliance - Security Boulevard
- April's Oracle CPU Fixes Critical Bugs Reported by Onapsis - Security Boulevard
- Automating chaos experiments in production – the morning paper
- Tracking Company Jets with ADS-B to Give an Edge to Hedge Fund Investors
- Understanding Elliptic Curve Cryptography And Embedded Security | Hackaday
- Bird Feeder Monitor V2.0: 12 Steps (with Pictures)
- OpenPGP experts targeted by long-feared ‘poisoning’ attack – Naked Security
- Docker Image Security Scanning: What It Can and Can't Do - Security Boulevard
- 50 Best Kubernetes Architecture Tutorials - Threat Stack
- 30,000 organisations have certified to Cyber Essentials - IT Governance Blog
- FreeBSD Enterprise 1 PB Storage | 𝚟𝚎𝚛𝚖𝚊𝚍𝚎𝚗
- China Targeting USG Employees Via Anthem Hack - Security Boulevard
- Why doesn't the next Pi add...? Why doesn't the Pi 4 have...? The definitive debunking! - Raspberry Pi Forums
- Six Myths People Still Believe About GDPR
- Ransomware Takes Weather Channel Live Broadcast Offline - Security Boulevard
- Samba 4.11 Aims To Be Scalable To 100,000+ Users - Phoronix
- My Best Hires had 30% of “The Wrong Stuff” - Security Boulevard
- Think Cybersecurity Insurance Will Save You? Think Again. - Security Boulevard
- ITIL 4 — The main ITSM methodology gets agile and integrated with the most modern business practices - Security Boulevard
- AWS HIPAA Compliance Best Practices Checklist - Threat Stack
- ITIL v3 vs ITIL v4: What changed? | Phoenix TS
- Is The NIST CSF Replacing HIPAA In Healthcare? - Security Boulevard
- Ransomware First Response Guide - What to do in the ‘Oh $#@t’ moment - Security Boulevard
- IT vs. Sales - Turning Cybersecurity Into a Revenue Center - Security Boulevard
- Top 7 Tools and Tips for Improving Your DevOps Pipeline - Security Boulevard
- CyberSeek career path: Cybersecurity architect
- Protecting customer data at contact centers - Security Boulevard
- The CEO's Guide To Understanding Cyber - Security Boulevard
- Welcoming FIPS 140-3 - Security Boulevard
- FIPS 140-3
- 8 security points of vendor lifecycle management - Security Boulevard
- Inventorying vendors. List all your vendors and third parties that access any part of your networks or systems. Although it may be time-consuming, this process will allow you to know ALL the vendors accessing your networks, systems, and applications. This is also vital for the next step in the process, the vendor risk assessment, where you rank the risks associated with that access.
Vendor security assessment. Existing and new vendors should be transparent about their security and remote access practices. It’s important for them to implement best-in-class security that protects your customer data and other sensitive business information.
Vendor contracts. Your vendor contracts should include service level agreements (SLAs) that define the type and level of security the vendor uses enterprise-wide. Also included should be penalties for any outages, breaches, or network misuse.
Access management. Vendor technicians should only have access to the networks, servers, and applications they need to support your business. Ensure that you have the ability to restrict access rights at the system or user level. Look for a vendor privileged access management (VPAM) tool that allows you to schedule access for specific times for attended and unattended access.
Onboarding. Any software that you use to implement VPAM should have full-service onboarding and implementation services included. Some VPAM solutions validate employment status and provide the necessary access while obfuscating the actual network credentials. This is more efficient and user-friendly for the vendor’s staff.
Off-boarding. A VPAM solution should be able to transparently audit and track user activity (or lack of activity). It should also allow you to easily terminate access at the individual level. Your VPAM solution should provide an efficient and secure way for a vendor to de-provision their users that then doesn’t require customer intervention.
Monitoring, audit, and compliance. Your VPAM solution must audit and record sessions so any breach can be discovered early and tracked. This also helps to uncover any vulnerabilities as well as keep you compliant with necessary regulations and standards. Since data security and regulatory compliance are imperative for companies in highly regulated industries, your VPAM solution should produce detailed reports of who has accessed sensitive data at any time.
Usability. Solutions for third-party access should provide multi-factor vendor user authentication and automated user management that is easy to use. The process should be simple and should smoothly integrate into a normal workflow. The more user-friendly the solution, the more likely users will take advantage of it.
- The Public's Interest in Cybersecurity
- 3 things finance professionals need to know about the GDPR - Security Boulevard
- Document archiving
Right of access
Incident response
- Fourth-Party Security: Another Level of Security Management
- How organisations can effectively manage, detect and respond to a data breach? - Security Boulevard
- 8 Patch Management Best Practices to Implement
- #1: Inventory Your Systems
A comprehensive inventory of all software and hardware within your environment is a critical piece of any patch management process. Once you have a clear picture of what you have, you’ll be able to compare the known vulnerabilities to your inventory to quickly discover which patches matter to you.
#2: Assign Risk Levels To Your Systems
Risk levels give you the ability to choose the right priorities. Don’t waste the 18,000 hours spent on patching by applying patches to the wrong systems.
While all systems should be patched, it makes sense to assign risk levels to each item in your inventory. For example, a server in your network that is not accessible from the Internet should not be as high a priority to patch as a laptop used by your sales team. The more exposed to attack an item is, the faster it should be patched.
#3: Consolidate Software Versions (And Software Itself)
The more versions of a piece of software you use, the higher the risk of exposure. It also creates large amounts of administrative overhead. Choose one version of Windows, Linux, or MacOs and keep that version up to date with patches.
Large organizations sometimes buy different software products that perform similar functions. Periodically review all software in use and its purpose. When you find multiple pieces of software performing the same function, choose one and get rid of the rest. Fewer software products mean fewer patches you have to apply.
#4: Keep Up With Vendor Patch Announcements
Using third-party vendors is a common practice. It’s good business sense to use a product to perform a common task and to spend your energy building software that differentiates your business.
Keeping up with vendor patch announcements is key in this heterogeneous environment. Once you have a clear inventory of products, subscribe to all of their security updates through whatever channel patch announcements are made. Monitor each of these by sending them to a specific inbox or Slack channel. Create a process to ensure none fall through cracks so each patch can be added to the patch schedule.
#5: Mitigate Patch Exceptions
Sometimes a patch cannot be applied right away. For example, a Java patch may break an existing business application. Changes need to be made to make the patch work. However, this will take time.
In these situations, mitigate the risk to the extent possible. Lockdown user permissions on the server (which you should do anyway). Don’t leave an unpatched server exposed to the Internet. Figure out how to reduce the impact and likelihood of an exploit until the patch can be applied safely.
#6: Test Patches Before Applying Everywhere
Every environment is unique. A patch could cause problems or even bring down machines with certain configurations. Take a small subset of your systems and apply the patch to them to make sure there are no major problems.
Once a handful of systems check out, begin rolling out the patch to larger and larger groups until the entire company is patched. Patching quickly doesn’t mean applying the patch everywhere at once. Make sure patches don’t fall through the cracks and that a plan is in place to get everything patched in a timely manner.
#7: Apply Application Patches As Quickly As Possible
Applications you build have much more flexibility than operating systems and servers. When security vulnerabilities are found in your custom code, these should be added to the dev team’s backlog and treated with the same importance as vendor patches.
Don’t leave the door open for an attack in your own applications. Quickly fix vulnerabilities and update your software in production.
#8: Automate Open Source Patching
Open source components help dev teams to build software more efficiently. But open source libraries are susceptible to the same vulnerabilities as other software.
- HIPAA Compliance and Cybersecurity: How the Two Work Together - Security Boulevard
- 10 Things You Need to Know About Kerberos - Security Boulevard
- Who actually invented Kerberos and when? Kerberos is a stateless network protocol developed by MIT and considered as licensed for distribution and modification. Kerberos started as part of Athina (another mythology reference!) project in 1979, aimed at protecting MIT computer networks.
What makes Kerberos so special? Kerberos uses secret-key cryptography to provide secure communication over non-secure channels. Essentially, Kerberos is a trusted 3rd party server that issues tickets for users so they can authenticate to systems and services.
Which Kerberos feature made it so valuable for organizations? Although it may seem strange and perhaps somewhat naive, it became valuable because the implementation for Microsoft and Mac devices used DES encryption.
What is a Kerberos ticket, in a nutshell? Kerberos uses tickets to authenticate and grant access. Tickets created by a ticket granting server (TGS) are trusted by authentication server, to a specific service or endpoint requested by an account. Ticket serves as a proof of (your) identity and is always encrypted with a secret key. As long as your Kerberos ticket is valid, you will get access to the system or service.
Is it a pure single-side client server model or can it be used for mutual identity verification ? Yes and yes. It is a mutual handshake where the client and server can verify each other’s identities. They accomplish this by using the encryption of timestamp with joint session key or via challenge/response that was introduced in 2005 to solve associated vulnerabilities.
When did Microsoft officially adopted Kerberos as default authentication protocol? In year 2000: Seven years after MIT released its first Microsoft implementation. Microsoft is now using their own implementation of Kerberos rather than MIT’s original version. Your guess is as good as mine as to what goes into Microsoft’s secret sauce.
What is a “Pass the Ticket” attack? Attackers can use tools such as Mimikatz and Windows Credential Editor to mine Kerberos tickets from compromised user endpoints or from authorization servers. Once the hacker gets a hold of these tickets, they can laterally move around the network to see privileges and harvest information that can help them gain access to critical systems.
What about ‘Golden Ticket’ – is that a VIP pass? Yes – you now can go to the Chocolate Factory! Jokes side: this is called a ‘Golden Ticket’ because you are granted indefinite creation of a Kerberos generating ticket which is usually hard coded to grant access for 10 years by default (modified if you want).
Are encryption keys kept unencrypted in memory during protocol use? Yes, that is a fact. Try not to think about this too much; my grandmother always claims ignorance is bliss.
If Kerberos is supposed to be secure and widely trusted, do I still have to use strong passwords? Passwords are, unfortunately, here to stay as they are used to encrypt the certificates. Failing to use strong passwords will allow for a bruteforce attack.
Ok…for the mega-Kerberos fanatic, lets add a bonus question:
What happens if the Kerberos authentication server is down? The authentication system will be out of service. This is one of the things that makes them so attractive and the reason behind why there are so many in each deployment.
- Cybersecurity KPIs for the SMB
-
Mean Time to Detect: How long did it take us to detect the issue?
Mean Time to Respond: This metric comes from a service management perspective, and assumes someone is alerting you to a problem like an outage – typically not the case for the SMB.
If you’re using a SIEM, some organizations leverage the metrics it can provide (total number of events, total devices being monitored). I have discussed the shortcomings of SIEM for the SMB elsewhere, as well as how we are modernizing SIEM functionality within our MDR process/platform.
Which Configuration Settings have you changed? How many? The policy should dictate one number – how many systems actually reflect your policy (that you spent so much time coming up with) is of interest in assessing the progress in executing on that vision.
Patches per asset per month - shows you the rate at which you’re addressing hygiene issues. Of course, understanding this in the context of patches remaining can help too.
Vulnerabilities identified/remediated per week – ultimately, these vulnerabilities are the source of your problems. By tracking your progress in remediating vulnerabilities, you are demonstrating progress in reducing the risk facing your organization, as there is a risk that any such vulnerability could be exploited.
- St John Ambulance service hit by ransomware attack
- How to Make Your Own Windows PE Rescue Disc (And Keep Your PC Safe)
- The Cost of Ransomware Attacks on Cities - Security Boulevard
- Zeodium pays up to $500,000 for VMware ESXi, Microsoft Hyper-V exploitsSecurity Affairs
- Anubis II - malware and afterlifeSecurity Affairs
- How to get back files encrypted by the Hacked Ransomware for freeSecurity Affairs
- Norsk Hydro estimates losses roughly $41M in first week after cyberattackSecurity Affairs
- 7 tips for preventing ransomware attacks - IT Governance Blog
- The German chemicals giant Bayer hit by a cyber attackSecurity Affairs
- Sodin Ransomware includes exploit for Windows CVE-2018-8453 bugSecurity Affairs
- Thirty-four years - Security and firewalling (Part 4)
- Thirty-four years - The System Office, Novell Directories, and Building a State Backbone (Part 3)
- Thirty-four Years - Networking and Software Development (Part 2)
- Thirty-four Years - Instructor, Machinist, CNC and CAD/CAM (Part 1)
- Dell precision screen upgrade (FHD to UHD) | NotebookReview
- 6GXDN - 4k cable
B173ZAN01.0 - AUO 4k panel
- Siemens Healthineers medical products vulnerable to Windows BlueKeepSecurity Affairs
- Ransomware paralyzed production for at least a week at ASCOSecurity Affairs
- US Government halves deadline for applying critical patches to 15 days – Naked Security
- Health Apps Can Share Your Data Everywhere, New Study Shows - VICE
- Ransomware Forces Two Chemical Companies to Order ‘Hundreds of New Computers’ - VICE
- Rewite http to https – it's notes
- Tracking and Analyzing Remote Desktop Activity Logs in Windows | Windows OS Hub
- Enable Encryption for Microsoft SQL Server Connections
- Docker, Docker-CE, Docker-EE and Moby, which one do I pick? – Marksei
- WSUS: Endpoint decommissioned; SHA2 update required | Born's Tech and Windows World
- PostgreSQL
- VMware begins patching process for Linux SACK vulnerabilities
- Security Teams: What You Need to Know About Vulnerability Response - Blog | Tenable®
- Sodin ransomware exploits Windows vulnerability and processor architecture | Securelist
- CCPA: What health care, biotech and life sciences companies should know now
- Importing VMs to KVM with virt-v2v
- The Pains Of Vulnerability Coordination – And What To Learn From It – RBS
- MIG - Distributed And Real Time Digital Forensics At The Speed Of The Cloud
- Hash-Identifier - Software To Identify The Different Types Of Hashes Used To Encrypt Data And Especially Passwords
- 'Zero Trust' Adds Up to Better Security - HealthcareInfoSecurity
- Adoption of Security Best Practices: A Status Report
- Medical Device Security: The Manufacturer’s View
- Unsupervised Learning: No. 181 | Daniel Miessler
- Top 20 Best Disk and File Encryption Software for Linux in 2019
- Raspberry Pi: Power On / Off A TV Connected Via HDMI-CEC - Linux Uprising Blog
- Functional Programming in Python – Real Python
- Robots.txt is 25 years old — Martijn Koster's Pages
- 5 common mistakes made by beginner python programmers - https://www.pythoncircle.com
- LINUX Unplugged 308: The One About GPU Passthrough
- Getting rid of annoying, repetitive messages in /var/log/messages | Frits Hoogland Weblog
- D-Link agrees to 10-year security assessment to settle FTC lawsuit
- Fix Apple Hardware Problems with Deep Cleaning - TidBITS
- Mellanox: automatic firmware update | panticz.de
- The Command Line In 2004
- Learn how to Record and Replay Linux Terminal Sessions Activity
- Microsoft’s Threat & Vulnerability Management now helps thousands of customers to discover, prioritize, and remediate vulnerabilities in real time - Microsoft Security
- The Forgotten Operating System That Keeps the NYC Subway System Alive - VICE
- How To Buy Hardware That’s Likely to Last - TidBITS
- Learning Docker creating your own base image – Virtual Me
- Learning Docker create your own micro-image – Virtual Me
- Learning Basic Docker Commands – Virtual Me
- US Cyber Command warns of nation-state hackers exploiting Outlook
- AI Could Usher in a New Generation of Catfishing - VICE
- China Is Forcing Tourists to Install Text-Stealing Malware at its Border - VICE
- Why time series databases are exploding in popularity - TechRepublic
- Inspecting Audit Logs with ausearch and aureport | Lisenet.com :: Linux | Security | Networking
- Health Data Breach Tally: A Mid-Year Update - HealthcareInfoSecurity
- Cybersecurity for Gamers 101: Gaming Malware and Online Risks
- Lake City Employee Fired Following Ransom Payment
- Healthy Food Choices For Healthy Teeth | Penniless Parenting
- HOWTO: Disable Unnecessary Services on Web Application Proxies - The things that are better left unspoken
- Five Skills That Help You Lead Remotely
- Be a flexible communicator
Set clear expectations.
Be observant.
Build trust.
Use technology.
- Horizontal leadership | Seth's Blog
- 5 Bootable Windows PE-Based Recovery Discs That'll Save Your System
- Build Your Own Selfie Drone With Computer Vision | Hackaday
- Exploring Basement Humidity With A Raspberry Pi | Hackaday
- FarmBot Unveils New CNC Gardening Robot Models | Hackaday
- Intel and the auto industry pen first safety rules for self-driving cars
- Risk Management - If a Thing is Worth Doing, Its Worth Doing Right | Pivot Point Security
- Veeam Virtual Labs & SureBackup | PeteNetLive
- Senator Warren Says Key FCC Cybersecurity Advisory Council Panders to Industry - VICE
- Your Future Doctor Could Monitor Your Facebook Posts for Disease - VICE
- John Deere's Promotional USB Drive Hijacks Your Keyboard - VICE
- Kentucky Deploying 'Armored' Internet Fiber to Fend Off Hungry Squirrels - VICE
- Thousands of Facebook Users Hit in Malware ...
- What You Need to Know About Vulnerability Management Best Practices - Blog | Tenable®
- KPIs
Scan frequency: How often does your enterprise conduct assessments?
Scan intensity: How many different scans are launched on a given scan day?
Asset authentication: How does your enterprise measure assessment depth?
Asset coverage: What proportion of the licensed assets are scanned in a 90-day period?
Vulnerability coverage: What proportion of total vulnerability plugins are used in a 90-day period?
- Keeping Up With the Patches: A Tour Through Spring 2019 Threat Alerts
- One-fifth of the most-used Docker containers have at least one critical vulnerability | Kenna Security
- Getting 2FA Right in 2019 | Trail of Bits Blog
- Mortgage Payoff Experiment - Pay Off Mortgage Early or Invest? | Mad Fientist
- Virginia updates its revenge porn law to include deepfakes
- Delivering major enhancements in Windows Defender Application Control with the Windows 10 May 2019 Update - Microsoft Security
- “From the Server Room to the Board Room”: The 4 Top Concerns of Security-Aware C-Suites | Pivot Point Security
- 1. Advanced Persistent Threats (APTs). Whether sponsored by nation-states or organized crime, the end goal of APTs is the same: advancing financial advantage and/or a political or social power play. As APTs have ramped up, smaller businesses have come well within their scope. Any adversary can easily find out about your company’s financial status and probable security posture, and target you at will. That is the harsh reality of today’s business landscape.
2.Moving to cloud solutions. Seeking to decisively enhance their security postures to manage the risk of APTs and other threats (among other drivers), more and more clients are asking us: “How do we address security in the context of moving to the cloud? Because we no longer want to buy, maintain and secure all that infrastructure ourselves.” Security and cloud are now part of the same conversation, versus moving to the cloud now and worrying about security later.
3. Finding security leadership. Having moved from the server room to the board room, security is no longer just an IT management issue. Analogous to the roles of the CFO and the General Counsel, today’s CISO must rise to a similar level of responsibility for the organization’s ongoing viability. Further, the move to cloud requires expertise around security architecture, auditing, maintenance, etc. that is different from “traditional” IT security roles. Attracting effective security leaders in these emerging areas given today’s leadership shortage is a major CxO concern.
4.Compliance with privacy mandates. With the emergence of GDPR and CCPA, many of our customers are worried about compliance with privacy regulations. They realize that security and privacy domains are similar in many ways, but privacy brings its own, unique challenges—and now is the time to meet them.
- Thoughts on Two Years of Working from Home - PacketLife.net
- NetBox v1.1.0 Released - PacketLife.net
- Taking the CCIE Lab in RTP - PacketLife.net
- Response to "Certifications Are Not A Big Deal. Stop Being a Princess About It." - MovingPackets.net
- Auditing the SELinux Policy with sesearch | Lisenet.com :: Linux | Security | Networking
- Can Patient Data Be Truly ‘De-Identified’ for Research?
- A Privacy-Driven Security Culture - Security Boulevard
- How to Create Smarter Risk Assessments
- The Truth About Your Software Supply Chain
- New Warning on Ryuk Ransomware
- Retooling for Privacy | Calvin Bui
- Ransomware Hits Georgia Court System
- What to Expect from the Security and Risk Management Market in 2019: Recap from the Gartner Security and Risk Management Summit - Security Boulevard
- Threat Intelligence Best Practices - Security Boulevard
- 10 Data Privacy and Encryption Laws Every Business Needs to Know - Security Boulevard
- amass — Automated Attack Surface Mapping | Daniel Miessler
- The tyranny of small debts, compounded | Seth's Blog
- Boeing’s 737 Max Software Outsourced to $9-an-Hour Engineers - Bloomberg
- Beginner's Guide v2 - The MagPi MagazineThe MagPi Magazine
- Five defence challenges facing Canada
- The 10 Best Calibre Plugins for Ebook Lovers
- Leadership is a practice not a position of authority (Gurteen Knowledge)
- 5 tips to improve your company's IT security
- » Open Hardware: Open-Source MRI Scanners Could Bring Enormous Cost Savings
- Top Web Based Docker Monitoring Tools – Linux Hint
- Top 10 Ethical Hacking Books – Linux Hint
- AMD Releases Firmware Update To Address SEV Vulnerability - Phoronix
- Linux Kodachi 6.1 The Secure OS | Eagle Eye | Nonprofit Organization
- abcde - CD ripping software for the command line - LinuxLinks
- OpenAssessIt Toolkit · GitHub
- To defeat ransomware, we must first diagnose it correctly
- The History of Cellular Network Security Doesn’t Bode Well for 5G | Electronic Frontier Foundation
- Knowledgebase: Azure AD Connect’s Seamless SSO breaks when you disable RC4_HMAC_MD5 - The things that are better left unspoken
- If you want Azure AD Connect’s Seamless Single Sign-on functionality to work, RC4_HMAC_MD5 will need to be available.
- NetApp Ontap 9.6 Simulator Upgrade
- Dijkstra was only partially correct about testing
- This Malware Created By A 14-Yr-Old Is Bricking Thousands Of Devices
- Silex
- Syncing Time within An Active Directory Domain Checklist | KC's Blog
- Find All HP iLOs on your Network | PeteNetLive
- Migrating away from the Ubiquiti EdgeRouter Lite | Logan Marchione
- Installing Docker on Linux – Virtual Me
- Creamy Mushroom and Spinach Pasta - Spoonful of Flavor
- Here’s the Microsoft April Patch Tuesday roundup – Naked Security
- Belgian programmer solves cryptographic puzzle – 15 years too soon! – Naked Security
- Can you get hit by someone else’s ransomware? [VIDEO] – Naked Security
- Serious Security: Ransomware you’ll never find – and how to stop it – Naked Security
- How to recover from a security breach
- How to Obtain Valuable Data from Images Using Exif Extractors « Null Byte :: WonderHowTo
- Don’t break Windows 10 by deleting SID, Microsoft warns – Naked Security
- Top 10 Browser Extensions for Hackers & OSINT Researchers « Null Byte :: WonderHowTo
- 5 principles driving a customer-obsessed identity strategy at Microsoft
- Seth - Perform A MitM Attack And Extract Clear Text Credentials From RDP Connections
- Rdpscan - A Quick Scanner For The CVE-2019-0708 "BlueKeep" Vulnerability
- BackBox Linux 6.0 - Ubuntu-based Linux Distribution Penetration Test and Security Assessment
- MozDef - Mozilla Enterprise Defense Platform
- Vxscan - Comprehensive Scanning Tool
- One-Lin3r v2.0 - Gives You One-Liners That Aids In Penetration Testing Operations, Privilege Escalation And More
- Cryptr - A Simple Shell Utility For Encrypting And Decrypting Files Using OpenSSL
- GDPR and Apache logs, remove last octet of an IP address - Koen Van Impe - vanimpe.eu
- Infosecurity.US - Web Log - New NIST IOT Cyebrsecurity Document Published
- £60 million in recovery costs for Norsk Hydro after refusing ransom demand - IT Governance Blog
- Project iKy - Tool That Collects Information From An Email And Shows Results In A Nice Visual Interface
- Home Office report reveals susceptibility to accidental data breaches - IT Governance Blog
- Medical debt collection agency files for bankruptcy protection after data breach - IT Governance Blog
- What are the 10 steps to cyber security? - IT Governance Blog
- List of data breaches and cyber attacks in June 2019 – 39.7 million records leaked - IT Governance Blog
- Safeguarding Health Information: Building Assurance through HIPAA Security 2019 | NIST
- Experts: Spy used AI-generated face to connect with targets
- Key Biscayne Hit by Cybersecurity Attack
- Google's next undersea internet cable will link Africa and Europe
- Medical Device Cybersecurity: The Top Challenges
- Second Florida City Pays Up Following Ransomware Attack
- Bill Proposes Easing HIPAA Enforcement Action in Some Cases
- Police Arrest 6 in $28 Million Cryptocurrency Fraud Probe
- TLS certs for internal OTS hardware - DigiNinja
- Finding Free Images | Diary of a Network Geek
- Jony Ive helped make Apple what it is today
- Deploying and Configuring a vCenter Appliance using Terraform
- Jaffar's (Mr RAC) Oracle blog: Oracle Exadata X8 key capabilities summary
- work Agile in a GxP-regulated environment - Blog dbi services
- Replaced my failed gas water heater with a much more efficient Rheem hybrid electric with WiFi, its quiet heat pump is also dehumidying and cooling my basement | TinkerTry IT @ Home
- Health Insurer Reports Data Breach That Began 9 ...
- Could Foster Kids Help Solve the Security Skills ...
- Former Equifax CIO Sentenced to Prison for Insider ...
- How GDPR Teaches Us to Take a Bottom-Up Approach to ...
- Top 8 security mistakes in SAP environments | CSO Online
- Quinoa and Beet Salad with Tahini Dressing Recipe -- Vegan, Easy, and Delicious | Penniless Parenting
- 5 Basic Maintenance Tips for Your Air Conditioning Unit | Penniless Parenting
- Intel’s Optane: Two Confusing Modes. Part 4) Comparing the Modes | The SSD Guy
- 2 Medical Practices Among Latest Ransomware Attack Victims
- The World is Collapsing into Two Countries—Green and Red | Daniel Miessler
- Today’s Top Public Cloud Security Threats …And How to Thwart Them
- NIST releases guidelines for building trustworthy, secure software
- EFF reveals top priorities for consumer data privacy laws
- Medical debt collector files for bankruptcy after data breach
- Healthcare Exchange Standards: ACME is not appropriate for Heathcare use
- Beginner’s Guide to Nexpose
- Machine Learning Doesn't Introduce Unfairness—It Reveals It | Daniel Miessler
- The Growing Threat of Botnets & Cryptominers | CyberWatch
- I provide some details on which CVEs, which exploits, and which tactics are being used by attackers; which ports should be monitored and are used by miners; how Linux, Docker and Mac are now targets; and articles and sources on recent attacks. Some attacks I use to illustrate are:
Kingminer: bruteforce entry on servers running MS IIS/SQL, disabling
configuration file with API for evasion
PSMiner: backdoor Trojan cryptominer targeting Linux and MacOS via
CVE-2018-20062
Docker Rigs: Cryptojacking campaigns on vulnerable docker rigs
leveraging CVE-2019-5736 to overwrite the runc binary and create a
container escape to write arbitrary code
Smominru: Massive cryptomining rig leveraging EternalBlue and WMI
WireX: Botnet of Android devices infected through Google Playstore
apps to connect them to a headless Web browser and encrypt malicious
traffic using SSL
CVEs/Vulnerabilities used for RCE:
CVE-2012-0874: JBoss Enterprise Application Platform Multiple Security
Bypass Vulnerabilities.
CVE-2010-1871: JBoss Seam Framework
JBoss AS 3/4/5/6: CVE-2017-10271: Oracle WebLogic wls-wsat Component
Deserialization RCE
CVE-2018-2894: Vulnerability in the Oracle WebLogic Server component
of Oracle Fusion Middleware.
Hadoop YARN ResourceManager – Command Execution
CVE-2016-3088: Apache ActiveMQ Fileserver File Upload
- Windows 10: Diagnose tool SetupDiag | Born's Tech and Windows World
- Parents' lack of cybersecurity knowledge holds back children's career choices
- Kali Linux sets out its roadmap for 2019/20
- What Is the Digital Divide, and Which Side Are You On?
- Book recommendations–present, future and past | Seth's Blog
- A tale of two cities: Why ransomware will just get worse | Ars Technica
- Naples Rolls Out A Fine-Tuned Dough, And The New 'Cloud Pizza' Is Born : The Salt : NPR
- Apple's Scary Buying Power And The Woman Who Named It : Planet Money : NPR
- monopsony - the power a firm had when it was the single buyer of something.
- Nines are not enough: meaningful metrics for clouds – the morning paper
- What bugs cause cloud production incidents? – the morning paper
- 13 Websites to Find People on the Internet
- 6 Slideshow Design Mistakes You Should Avoid in Your Next Presentation
- Never use Comic Sans.
Avoid cursive script.
Never use an image without permission.
Never enlarge pixel based images.
Don’t place your text in random order.
Don’t ignore the importance of a theme.
- Before Computers: Notched Card Databases | Hackaday
- Finally, An Open Source Multimeter | Hackaday
- . The
- Your Security Audit Roadmap - Linux Academy Blog
- The 9 Best Soldering Irons for Beginners
- 5 Ways to Safely Test Your Antivirus Software
- Open Source Could Be a Casualty of the Trade War « bunnie's blog
- Mentoring new system administrators | Enable SysAdmin
- Raspberry Pi pHAT detects indoor pollution, and optionally, outdoors too
- What is Fragmentation?
- Cyber-attacks on hospitals most likely come from China, SRI says – The Romania Journal
- Certificate Chain Incomplete | PeteNetLive
- Understanding Public Key Infrastructure and X.509 Certificates | Linux Journal
- Security-Focused HTTP Headers to Protect Against Vulnerabilities
- Cranky Old Network Engineer Complains About The Youth Of Today - MovingPackets.net
- Install CHR On Proxmox | Greg Sowell Consulting
- Data breach at Desjardins (Canadian credit union) | Born's Tech and Windows World
- US cyberattack reportedly knocked out Iran missile control systems
- Microsoft releases out-of-band fixes for Win7 and Win8.1 on 6/20 @ AskWoody
- A rogue Raspberry Pi helped hackers access NASA JPL systems
- A Method for Establishing Liability for Data Breaches - Lawfare
- Thank you VMware, for two and a half awesome years as an HCI Systems Engineer! | TinkerTry IT @ Home
- The Budapest Convention Offers an Opportunity for Modernizing Crimes in Cyberspace - Lawfare
- Windows Terminal preview now available to download
- How will you backup and recover Windows 2008/R2 after January 2020? | Data Protection: Avamar, NetWorker, Data Domain, RecoverPoint, Power Protect, CSM
- Dump TNSNAMES.ORA from ActiveDirectory – Laurent Schneider
- Why the US Government Just Made Its Own Font, Open Sans
- Daniel Stori's 'Oracle Download Page' - Security Boulevard
- Application Security Best Practices - Security Boulevard
- How the “Diamond Model” Can Help SOC Analysts Boost Incident Response - Siemplify
- The good, the bad and the unexpected: what GDPR has taught us in the last year - Security Boulevard
- 3 Ways Norsk Hydro Kept its Reputation During LockerGoga Cyberattack - Security Boulevard
- Health Care Digitalization Brings New Security Challenges - Security Boulevard
- GPOs for Windows, macOS, and Linux | JumpCloud
- Your threat model is wrong - Security Boulevard
- Docker Container Monitoring: Protect Your Investment - Security Boulevard
- Journey to OSCP - 10 Things You Need to Know
- During the less restricted labs, it is good practice to redo a system again “manually” after you were able to use it using a more automated method that isn’t allowed in the actual exam
- CJIS Requirements: What Businesses Need to Know
- Information security career resume tips
- Unpatched Vulnerabilities Caused Breaches in 27% of Orgs, Finds Study - Security Boulevard
- Four Essential Cloud Security Concepts - Security Boulevard
- Cyber Security Roundup for May 2019 - Security Boulevard
- U.S. Businesses Lost $654 Billion from Cyberattacks in 2018 - Security Boulevard
- $654 Billion
- Ransomware succeeds because targets don’t learn from history - Security Boulevard
- Mimikatz and Windows RDP: An Attack Case Study - Security Boulevard
- National Cyber Security Strategy 2016 to 2021: progress so far - GOV.UK
- UK Security BSides, Mark Your Calendar & Don't Miss Out - Security Boulevard
- How nCipher Security Recommends Hospitals Can Stay Resilient to Cyber-Threats - Security Boulevard
- Automated Office Updates v1.0 – Stick To The Script
- The essentials of vendor risk management - SecureLink
- Seccubus - Easy Automated Vulnerability Scanning, Reporting And Analysis
- Target Stores Back Online After Crippling Cash Register Computer Failure : NPR
- How to Install uTorrent in Ubuntu 18.04 and Ubuntu 19.04 - LinuxBabe
- Chris's Wiki :: blog/programming/IntelCPUIDNotes
- shellcheck and You Should Too
- Topic: Word Mailmerge Tips & Tricks @ AskWoody
- Tip: PowerShell workarounds for June bug in Windows Event Viewer | Born's Tech and Windows World
- The Cost of Cybercrime - Schneier on Security
- InfoSec Handlers Diary Blog - Using AD to find hosts that aren't in AD - fun with the [IPAddress] construct!
- InfoSec Handlers Diary Blog - Odd DNS Requests that are Normal
- InfoSec Handlers Diary Blog - Keep an Eye on Your WMI Logs
- WMIC /Node:localhost /Namespace:\\root\SecurityCenter2 Path AntiVirusProduct Get displayName
- Excellent Analysis of the Boeing 737 Max Software Problems - Schneier on Security
- Defending Democracies Against Information Attacks - Schneier on Security
- Cybersecurity for the Public Interest - Schneier on Security
- Protecting Yourself from Identity Theft - Schneier on Security
- What the AMCA Data Breach Teaches Us About Modern Supply Chain Security - Security Boulevard
- Radiohead Releases Music Online Instead of Giving in to Blackmailer Demands - Security Boulevard
- 84% of US employees have never heard of GDPR - TechRepublic
- How to Patch BlueKeep and Get to Know Your Company's Critical Assets
- Magdoff2.qxd - ReserveArmy.pdf
- What’s the best approach to patching vulnerabilities? – Naked Security
- Backpacker claims to find a network of hidden webcams in farm stay – Naked Security
- Crazy: Windows 10 Enterprise LTSC 2019 offered a feature update to 1903 | Born's Tech and Windows World
- Hackback Is Back: Assessing the Active Cyber Defense Certainty Act - Lawfare
- Vulnerable Software – The Gift that Keeps on Giving - Security Boulevard
- Building Modern Security Awareness with Experiences
- Updating the VMware vCenter License Key using PowerCLI - thecloudxpert
- 5 Secure Coding Practices You Actually Need: Principles for Secure Code Every Time - Security Boulevard
- Telegram App DDoS from China Hinders #612strike Protest - Security Boulevard
- 9 PCI Myths That Can Cost CIOs - Security Boulevard
- Mitigating BlueKeep with PowerShell – Mike F Robbins
- PrivacyCulture_GDPR_Maturity_Framework.pdf
- The Biggest Data Breach Archive on the Internet Is for Sale - VICE
- Sensory Overload: Filtering Out Cybersecurity's Noise
- The Military Wants AI to Manage America's Airwaves - VICE
- EPIC - EPIC's Rotenberg Speaks with Mueller Book Club
- What kids get up to online | Securelist
- A predatory tale: Who’s afraid of the thief? | Securelist
- Spam and phishing in 2018 | Securelist
- Active Dataguard : read only with apply – Laurent Schneider
- Bugs in a popular hospital pump may let attackers alter drug dosages
- The Best Encrypted Email Services You Need to Use in 2019
- Threat Landscape for Industrial Automation Systems in H2 2018 | Securelist
- Beware of stalkerware | Securelist
- BadCert: Symcrypt vulnerability puts Windows Server at risk | Born's Tech and Windows World
- Why You Need a Crisis Communications Plan | Pivot Point Security
- Tenable Roundup for Microsoft's June 2019 Patch Tuesday
- Tenable Roundup for Microsoft's June 2019 Patch Tuesday
- IoT Cybersecurity Improvement Act: An Important Step Forward - Blog | Tenable®
- Software Vulnerability Management with Device42 and VulnDB
- New VulnDB Integration for ServiceNow Enables Better Vulnerability Response
- Adapting Agile for Internal Security Operations
- NBlog - the NoticeBored blog: NBlog June 12 - lack of control is not a vulnerability
- Corrupt MP4 Files? Fix Them for Free With This Great Trick
- 2018 Year in Review
- Zero Day Initiative — The June 2019 Security Update Review
- Healthcare Security Summit Offers Insights From CISOs
- Google Researcher Details Windows Cryptographic Library Bug
- Microsoft Patch Tuesday, June 2019 Edition — Krebs on Security
- RapidScan - The Multi-Tool Web Vulnerability Scanner
- Yaazhini - Free Android APK & API Vulnerability Scanner
- Unsecured Database Leaves 8.4 TB of Email Metadata Exposed
- CIA, Cyber Risk and Patient Safety ~ Cyber Thoughts
- SAP Security Notes June 2019 | Onapsis
- Cyberattack Hits Aircraft Parts Manufacturer
- Healthcare Exchange Standards: Patient Engagement - Access Log
- Healthcare Exchange Standards: XDS sha-1 is still okay
- Entering the Third Decade of Cyber Threats: Toward Greater Clarity in Cyberspace - Lawfare
- How to Structure a Cover Letter and Resume When Sending via Email
- An Amazing Job Interview | Don Jones®
- Privacy Is Now a Luxury Good: Here's Why That's Bad for All of Us
- Perovskites: Not Just For Solar Cells Anymore | Hackaday
- Chris's Wiki :: blog/sysadmin/IntelMDSKillsOldServers
- Trouble-shooting | Oracle Scratchpad
- Yubico recalls government-grade security keys due to bug
- Ansible: configuration management for everything – Marksei
- Smarten Up Your Air Conditioning With The ESP8266 | Hackaday
- Botanium: Urban Gardening For All
- The 15 Most Popular Plex Podcasts in 2019
- SSL Handshake Failures | Baeldung
- Free up over 17GB of storage space by cleaning up after the Windows 10 May 2019 Update
- The bits and bytes of PKI | Opensource.com
- U.S. GAO - Information Technology: Agencies Need to Develop Modernization Plans for Critical Legacy Systems
- Dealing with Scale and Security: How MasterCard is Mastering the Game - Big Data Beard
- A Field Guide To Transmission Lines | Hackaday
- How to Design a Lithium Battery Pack (Part 2 of 2)
- How To Build Your Own Lithium Battery (Part 1 of 2)
- A computer virus has thrown Philadelphia’s court system into chaos - The Verge
- World domination with cgroups in RHEL 8: welcome cgroups v2!
- Why Smart Cards Are Smart | Linux Journal
- When the 'smart home' is actually a hospital room
- Digital Transformation Suffers from Poor Alignment Between IT and Execs | APMdigest - Application Performance Management
- vCenter 'Root' Account Expired | PeteNetLive
- Darran's WildFly Blog: Security Feature Development for WildFly 17
- Cyber Gaslighting: PsyOps in the Home - Lawfare
- Free Websites Reveal Your Address History and Names of Relatives (How to Opt Out) — My Money Blog
- Technology : You have to keep working just to stand still! | The ORACLE-BASE Blog
- Switch Buffer Sizes and Fermi Estimates « ipSpace.net blog
- Kubernetes Storage on vSphere 101 – StatefulSet - CormacHogan.com
- World-class data science server to amplify Clemson’s supercomputer | Clemson University News and Stories, South Carolina
- Patchday: Updates for Windows 7/8.1/Server (June 11, 2019) | Born's Tech and Windows World
- June 2019 Patch Tuesday is rolling out @ AskWoody
- How Ransomware Evolved | KC's Blog
- 'The Moscow Rules' By Tony And Jonna Mendez: How The CIA Evaded KGB Security : NPR
- Microsoft Extends its Lead Over Amazon and Apple as the Most Successful U.S. Company | Alexander's Blog
- GPS And ADS-B Problems Cause Cancelled Flights | Hackaday
- Takata’s Deadly Airbags: An Engineering Omnishambles | Hackaday
- Lessons From Global Cybersecurity Breaches For Your Next M&A
- Top 10 ways to strengthen your personal online security – Jason Pearce
- I switched to Duplicati for Windows Backups and Restic for Linux Servers | b3n.org
- Kubernetes at 5: Joe Beda, Brendan Burns, and Craig McLuckie on its past, future, and the true value of open source – GeekWire
- Data in a Flash, Part III: NVMe over Fabrics Using TCP | Linux Journal
- Tokyo in the 1970s, Revisited by Photographer Greg Girard | Spoon & Tamago
- To Do List Grid For When You Have a Lot of To Dos | DennisKennedy.Blog
- Jeff Bezos Is a Post-Earth Capitalist - VICE
- Scientists Discover Atomic-Forged Glass on Hiroshima's Beaches - VICE
- Hiroshimaites
- Adobe Tells Users They Can Get Sued for Using Old Versions of Photoshop - VICE
- NBlog - the NoticeBored blog: NBlog April - spotting incidents
- NBlog - the NoticeBored blog: NBlog April 11 - the KISS approach to ISO27k
- NBlog - the NoticeBored blog: NBlog May 20 - the value of visuals
- NBlog - the NoticeBored blog: NBlog June - physical information security
- Hacking History
- Twitch Flooded with Streams of 'Game of Thrones', Porn, and the Christchurch Attack Video - VICE
- It’s Almost Impossible to Tell if Your iPhone Has Been Hacked - VICE
- The Top 17 Free and Open Source Backup Solutions
- Mark Zuckerberg Will Be Served a Summons If He Sets Foot In Canada - VICE
- The Google Outage Highlights the Perils of a Centralized Internet - VICE
- The US Ban on Huawei Is Causing a Global Mess - VICE
- Hackers Breach Company That Makes License Plate Readers for U.S. Government - VICE
- The Importance of Cybersecurity Training | United States Cybersecurity Magazine
- Sadly, many employees don’t even realize how important cybersecurity training really is for the organization they work for. And even worse, according to a survey of over 4,500 employees, 22% of employees don’t feel like they should be obligated to keep their employer’s information safe.
- The PC of Your Dreams Might be Hiding in a Company’s Surplus Bin - VICE
- Solving the TLS 1.0 problem - Microsoft Security
- Announcing the all new Attack Surface Analyzer 2.0
- Introducing the security configuration framework: A prioritized guide to hardening Windows 10 - Microsoft Security
- Discover and manage shadow IT with Microsoft 365
- UK launches cyberstrategy with long-term relevance
- Specifically, the cybersecurity document does an excellent job in the following areas:
Insider threats—This type of threat is highlighted throughout the document; something that is not always emphasized sufficiently. For example, “Insider threats remain a cyber risk to organizations in the UK. Malicious insiders, who are trusted employees of an organization and have access to critical systems and data, pose the greatest threat.” We continue to hear about this problem from customers in nearly all industries and in all countries. This bold and clear statement makes it clear that this problem is front and center for the UK strategy, as it should be.
Public incidents—It’s refreshing to see major incidents that impact companies and organizations in the UK highlighted rather than hidden from public view. The document includes several incidents, such as the 2015 TalkTalk breach, and the 2016 attack on the Society for Worldwide Interbank Financial Telecommunication (SWIFT) payment system in Bangladesh, the Philippines, and the Ukrainian power grid incident. While these incidents did not all occur on UK soil or directly to UK organizations, their impact was still felt in the UK.
Diversity and inclusion—The UK is committed to increasing diversity while also addressing its cybersecurity skills shortage. The document states emphatically that “we will address the gender imbalance in cyber-focused professions, and reach people from more diverse backgrounds to make sure we are drawing from the widest available talent pool.” The need is so critical that cybersecurity has become known as a wonderful field for younger professionals to embark on a new career, even if it is not something that is well-known.
Public-private collaboration—Cybersecurity is a “team sport” and working together across private and public sectors is essential. Openly admitting this and accepting government responsibility is a key tenet of this strategy, described as, “Government has a clear leadership role, but we will also foster a wider commercial ecosystem, recognizing where industry can innovate faster than us.” The document also states, “We will set out more clearly the respective roles of government and industry, including how these might evolve over time.”
As we look at other areas that the strategy may wish to consider expanding into or elaborating upon in the coming years, three specific areas come to mind:
Links to money laundering and terrorist financing—While the initial 2016 version did not mention how the flow of money impacts and funds cybercrime, the NSCR March 2018 update did, with three specific references to money laundering and terrorist financing, explaining, “We will take a whole-of-government approach including with the Devolved Administrations to tackle serious and organized crime and publish an updated Serious and Organized Crime Strategy in 2018.” It also stated, “We remain a leading player in developing and applying economic sanctions [… and will] … continue using sanctions smartly to deliver national security outcomes after we have left the EU.”
Returning military veterans—Whether it be from armed conflicts or peace-keeping missions or other such activities, one way the UK could shrink the gap in cybersecurity skills would be to help military veterans transition into this field. The strategy states, “This skills gap represents a national vulnerability that must be resolved.” To that end, there are multiple paths that other countries have pursued that could be applied here.
Cloud computing—The terms “cloud” and “cloud computing” are not mentioned in the original 2016 strategy document or in the NSCR March 2018 update. Cloud-based security offerings are a mainstay of any cybersecurity strategy and bring with them enormous benefits, speed, operational efficiencies, and more.
- Uncovering Linux based cyberattack using Azure Security Center
- Secure your journey to the cloud with free DMARC monitoring for Office 365
- Security deployment - Microsoft Security
- Lessons learned from the Microsoft SOC Part 2b: Career paths and readiness
- Lessons learned from the Microsoft SOC—Part 2a: Organizing people
- Lessons learned from the Microsoft SOC—Part 1: Organization - Microsoft Security
- Commando VM - The First of Its Kind Windows Offensive Distribution
- Wireshark Cheatsheet
- CPU percent | Oracle Scratchpad
- Metasploit Cheat Sheet
- Imago Forensics - Imago Is A Python Tool That Extract Digital Evidences From Images
- Faraday v3.6 - Collaborative Penetration Test and Vulnerability Management Platform
- Legion - An Easy-To-Use, Super-Extensible And Semi-Automated Network Penetration Testing Tool That Aids In Discovery, Reconnaissance And Exploitation Of Information Systems
- Vuls - Vulnerability Scanner For Linux/FreeBSD, Agentless, Written In Go
- Reverse Shell Cheat Sheet
- Acunetix Web Application Vulnerability Report 2019
- CarbonCopy - A Tool Which Creates A Spoofed Certificate Of Any Online Website And Signs An Executable For AV Evasion
- DOGE - Darknet Osint Graph Explorer
- Armory - A Tool Meant To Take In A Lot Of External And Discovery Data From A Lot Of Tools, Add It To A Database And Correlate All Of Related Information
- Freevulnsearch - Free And Open NMAP NSE Script To Query Vulnerabilities Via The cve-search.org API
- mXtract - Memory Extractor & Analyzer
- FIR - Fast Incident Response
- H2T - Scans A Website And Suggests Security Headers To Apply
- LEDs for use with solderless breadboard – Skippy's Random Ramblings
- 507 Mechanical Movements
- Gareth's Tips, Tools, and Shop Tales | Revue
- Gareth's Tips, Tools, and Shop Tales
- How To Check if My Email is Encrypted during Transition | KC's Blog
- Secure Email
- DumpTheGit - Searches Through Public Repositories To Find Sensitive Information Uploaded To The Github Repositories
- AutoSource - Automated Source Code Review Framework Integrated With SonarQube
- Joy - A Package For Capturing And Analyzing Network Flow Data And Intraflow Data, For Network Research, Forensics, And Security Monitoring
- BruteDum - Brute Force Attacks SSH, FTP, Telnet, PostgreSQL, RDP, VNC With Hydra, Medusa And Ncrack
- Pacbot - Platform For Continuous Compliance Monitoring, Compliance Reporting And Security Automation For The Cloud
- WAFW00F v1.0.0 - Detect All The Web Application Firewall!
- Machinae v1.4.8 - Security Intelligence Collector
- Machinae
- Trigmap - A Wrapper For Nmap To Automate The Pentest
- Adidnsdump - Active Directory Integrated DNS Dumping By Any Authenticated User
- Vulmap - Online Local Vulnerability Scanners Project
- Beagle - An Incident Response And Digital Forensics Tool Which Transforms Security Logs And Data Into Graphs
- Free Cynet Threat Assessment for Mid-sized and Large Organizations
- DefectDojo v1.5.4 - Application Vulnerability Correlation And Security Orchestration Application
- Ttyd - Share Your Terminal Over The Web
- Miteru - An Experimental Phishing Kit Detection Tool
- Acunetix Vulnerability Scanner Now With Network Security Scans
- Brutemap - Tool That Automates Testing Accounts To The Site's Login Page
- Cybersecurity and the Mueller Report - Lawfare
- Transnational Organized Crime and National Security - Lawfare
- Persistent Engagement, Agreed Competition and Deterrence in Cyberspace - Lawfare
- Progress in Cybersecurity: Toward a System of Measurement - Lawfare
- A Manifesto: Using Empirical Research in Journalism and Scholarship to Understand Big Tech - Lawfare
- Crossing a Cyber Rubicon? Overreactions to the IDF’s Strike on the Hamas Cyber Facility - Lawfare
- Digital Will, Part I: Requirements | Linux Journal
- What’s the Point of Charging Foreign State-Linked Hackers? - Lawfare
- OpenProject - online project management software - free and open source
- 5 Tips for Prioritizing Vulnerabilities Based on Risk - Blog | Tenable®
- Why Global Collaboration Is Key to Effective Cyber Defense - Blog | Tenable®
- Cybersecurity Pros Face Significant Challenges with OT Security: Ponemon Report - Blog | Tenable®
- VMware Releases Security Updates for Tools and Workstation | US-CERT
- cyber.dhs.gov - Binding Operational Directive 19-02
- Stop the Presses: Media Coverage as a Prioritization Metric for Vulnerability Management - Blog | Tenable®
- Oracle WebLogic Affected by Unauthenticated Remote Code Execution Vulnerability (CVE-2019-2725) - Blog | Tenable®
- Oracle Critical Patch Update For April Contains 297 Fixes - Blog | Tenable®
- IT/OT Cybersecurity Convergence: Start Strong with These Six Controls - Blog | Tenable®
- Nessus Essentials | Tenable®
- PcapXray v2.5 - A Network Forensics Tool To Visualize A Packet Capture Offline As A Network Diagram
- Vthunting - A Tiny Script Used To Generate Report About VirusTotal Hunting And Send It By Email, Slack Or Telegram
- Recipes and Meals | Quality Products Low Prices | Lidl US
- Why Your Business Continuity Plan Must Cover Cyber Incident Response | Pivot Point Security
- Shared Assessments - They’re Not Just Vendor Risk Management
- Open Source Software Legal Issues | FOSS Risks | Pivot Point Security
- Avoid These Easily Guessable Passwords | Pivot Point Security
- Password Strength Explained | Password Length vs. Complexity | Pivot Point Security
- Password Tips 6-8: Reuse, Emails, and Default Passwords | Pivot Point Security
- Password Tips #5-3: Secure Resets, 2FA, and Password Storage | Pivot Point Security
- Password Sharing Security Tips | Pivot Point Security
- Why Ignoring CCPA is Bad Business (As Opposed to ignoring GDPR) | Pivot Point Security
- Don’t Pay the Price for an Unsecured Managed Services Vendor | Pivot Point Security
- 5 Success Factors: Law Firm Data Security & Privacy Initiatives (Part 3) | Pivot Point Security
- 5 Success Factors: Information Security for Law Firms (Part 2) | Pivot Point Security
- 5 Critical Success Factors: Cyber Security for Law Firms | Pivot Point Security
- OBGYN Information Security | How InfoSec Has Changed My Annual OB/GYN Visit | Pivot Point Security
- CREST vs. SANS | Pivot Point Security
- 5 Top Information Security Accreditations for SaaS Providers | Pivot Point Security
- Address CCPA before September 2019... or Pay the Price | Pivot Point Security
- Infosecurity.US - Web Log - GPS, The Rollover
- Infosecurity.US - Web Log - President Theodore Roosevelt's 'Citizenship in a Republic' Oratorical Masterpiece, The 109th Anniversary
- Oracle Downloads Page
- Infosecurity.US - Web Log - Google Utilizing Consumer Gmail Accounts to Track Purchases, Financial Transactions
- Key takeaways from the 2019 Verizon Data Breach Investigations Report - IT Governance Blog
- Medical data is 18 times more likely to be compromised when an internal actor is involved, and the most likely threat actor is a medical professional such as a doctor or nurse.
- What is an ISMS and 9 reasons why you should implement one - IT Governance Blog
- 1. A centrally managed framework for keeping an organisation’s information safe.
2. A set of policies, procedures, technical and physical controls to protect the confidentiality, availability and integrity of information.
3. Either applied to the entire organisation or only a specific area where the information it seeks to protect is segmented (the scope).
4. Includes not only technical controls but also controls to treat additional, more common risks related to people, resources, assets and processes.
5. Based on a risk assessment across the organisation that considers internal and external risks. This means all risks are assessed, analysed and evaluated against a set of predetermined criteria before risk treatments (controls) are applied. Controls are applied based on the likelihood and potential impact of the risks.
6. A framework that helps you make appropriate decisions about the risks that are specific to your business environment.
7. Dependent on support and involvement from the entire business – not just the IT department – from the cleaner right up to the CEO.
8. Not an IT function but a business management process.
9. An ISMS can be certified to the international best-practice information security standard ISO 27001. Achieving accredited certification to the Standard demonstrates to your clients, customers, regulators and stakeholders that your organisation is following information security best practice and your data is sufficiently protected.
- Organisations struggling to meet GDPR requirements, with poor planning and lack of awareness to blame - IT Governance Blog
- 79% of organisations are failing to meet the GDPR’s requirements;
25% don’t consider themselves knowledgeable about the Regulation;
Half of organisations have been subject to enforcement action related to data protection violations; and
70% are less open when engaging with customers about data privacy.
- What is information classification and how is it relevant to ISO 27001? - IT Governance Blog
- List of data breaches and cyber attacks in February 2019 - 692,853,046 records leaked - IT Governance Blog
- A guide to the PCI DSS’s vulnerability scanning and penetration testing requirements - IT Governance Blog
- Average cost of cyber crime is now $13 million - IT Governance Blog
- 2.3 billion data breaches, compared to 826 million in 2017
average cost of cyber crime grew by more than $1 million in 2018 to $13 million (about £9.9 million) per organisation.
85% of organisations experienced phishing and social engineering attacks and 76% suffered web-based attacks.$2.6 million (about £1.9 million) and $2.3 million (about £1.75 million) respectively
- Requirements for achieving ISO 27001 certification - IT Governance Blog
- ISO 27001: The 14 control sets of Annex A explained - IT Governance Blog
- DPIAs for retail and hospitality - IT Governance Blog
- List of data breaches and cyber attack in March 2019 – 2.1 billion records leaked - IT Governance Blog
- The 8 CISSP domains explained - IT Governance Blog
- Law firms report increase in staff-related security incidents - IT Governance Blog
- Do your employees care about cyber security? - IT Governance Blog
- just 26% have introduced cyber security training for their employees. 15% stated that they “haven’t got around to it yet” while 5% think additional training should be offered but confessed that “they didn’t know where to start”.
17% of small UK businesses have suffered at least one cyber attack in the past year.
19% have been targeted between 6 and 10 times in the past year.
51% of organisations with 50–99 employees suspect that a breach has been kept a secret from them.
53% agreed that it seemed logical for cyber security awareness training to be near the top of the business agenda.
- “An act of war”: Zurich American refuses to pay out on cyber insurance policy following NotPetya attack - IT Governance Blog
- Toyota suffers second data breach in five weeks - IT Governance Blog
- The ultimate guide to ITIL incident management - IT Governance Blog
- List of data breaches and cyber attacks in April 2019 – 1.34 billion records leaked - IT Governance Blog
- UK businesses are reporting fewer data breaches, but is this as positive as it sounds? - IT Governance Blog
- This is a marked improvement on the previous two years, in which 43% (2018) and 46% (2017) of businesses were breached, but it doesn’t tell the full story of the UK’s threat landscape. Although the number of organisations being targeted seems to be decreasing, those that are vulnerable to attacks are experiencing them more often, with two in five organisations saying that they come under threat at least once a month.
More businesses (57% vs 51% in 2018) and charities (43% vs 27%) update senior management on their cyber security actions at least once a quarter;
Cyber security policies are becoming more common in businesses (33% vs 27%) and charities (36% vs 21%);
Businesses (56% vs 51%) and charities (41% vs 29%) are more likely to have implemented controls in all five technical areas of the government’s Cyber Essentials scheme;
Staff awareness training is becoming more common in businesses (27% vs 20%) and charities (29% vs 15%);
Charities are getting better (60% vs 46%) at implementing measures such as health checks, audits and risk assessments; and
More medium-sized (31% vs 19%) and large businesses (35% vs 24%) have invested in cyber insurance.
- Different types of cyber attacks - IT Governance Blog
- Recsech - Tool For Doing Footprinting And Reconnaissance On The Target Web
- Recsech
- Cyber News Rundown: Medical Testing Service Data Breach | Webroot
- The State of VPN Security Today - Security Art Work
- The Pains Of Vulnerability Coordination – And What To Learn From It
- LabCorp: 7.7 Million Consumers Hit in Collections Firm Breach — Krebs on Security
- On the Horizon: Parasitic Malware Will Feast on Critical Infrastructure
- Oracle Database 19c (19.3.0) for Windows and zLinux is available
- Baltimore Ransomware Attack Costing City $18 Million
- City Finance Director Henry Raymond estimates, Baltimore has spent about $10 million in recovery and forensic expenses, and the city is expected to lose about $8 million in revenue.
- Maine governor signs bill banning internet providers from selling consumer data without consent | TheHill
- Hospital to Pay $250,000 After Alleged False HITECH Claims
- Vendor Security Risk Management: A Growing Concern
- Healthcare Exchange Standards: IHE Audit Log Specifications
- Survey Says: Cost and Security are Top Hybrid Cloud Concerns | CIO
- BrandPost: HPE Greenlake Improves Control Over Compliance, Security - Jellyfish Security
- Automating SOX Controls Testing | Onapsis
- Tap Into Your Valuable DNS Data - Black Hills Information Security
- Check-LocalAdminHash & Exfiltrating All PowerShell History - Black Hills Information Security
- Check-LocalAdminHash
- Data protection authority reports itself to itself after data breach
- Data protection authority reports itself to itself after data breach
- Life on Contract: Product Development Lessons Big and Small | Hackaday
- [New Research] 2019 Cloud Security Report Reveals Top Challenges
-
The top cloud security concern of cyber security professionals is data loss and leakage (64 percent).
Unauthorized access through misuse of employee credentials and improper access controls (42 percent) takes the number one spot in this year’s survey as the single biggest perceived vulnerability to cloud security, tied with insecure interfaces and APIs (42 percent). This is followed by cloud misconfigurations (40 percent).
Most respondents (54 percent) say cloud environments are at higher risk of security breaches than traditional on-premises environments – a 5 percent increase from last year.
- Lessons from the Baltimore Cyber Attack—Are You Doing Enough to Protect Your Business? - Delta Risk
- Philips and HPE: Healthcare Innovation From the Edge to the Cloud | CSO Online
- The Intellectual Dark Web (IDW) and Dark Forest Theory | Daniel Miessler
- The Holy Trinity of Air Travel Convenience | Daniel Miessler
- The ABCs of Microsoft Office 365's Data Loss Prevention (DLP)
- Baltimore ransomware attack will cost the city over $18 million
- vSphere ESX: Replace / Update the VMware Tools ISO | PeteNetLive
- Are Bluekeep patches causing BSODs with Server 2008 SP2 and Vista? @ AskWoody
- Why ODA reimaging doesn't work on the first try? - Blog dbi services
- Home on the Palo Alto Networks Cyber Range | The Networking Nerd
- Java mon amour: SSL renegotiation and resumption
- Under The Stairs: First Steps with With PowerShell 7
- Establishing an Internet Performance Benchmark | APMdigest - Application Performance Management
- Official Warren Buffett / Berkshire Hathaway Book Reading List 2019 — My Money Blog
- Find why an account is getting locked out and where | Mohammed Wasay
- Common Data Model | James Serra's Blog
- Metasploit for Windows BlueKeep vulnerability | Born's Tech and Windows World
- My session slides from DNUG46 | eknori.de
- New VMware Security Advisory VMSA-2019-0009 - VMware Security & Compliance Blog - VMware Blogs
- What kind of server channel are your running on: SAC or LTS? | >_
- Cyber Command’s Strategy Risks Friction With Allies - Lawfare
- UEFI 2.8 Specification Released With REST & Memory Cryptography - Phoronix
- Defense Department General Counsel Remarks at IDF Conference - Lawfare
- 10 Most Secure Linux Distros For Advanced Privacy & Security
- The GCHQ’s Vulnerabilities Equities Process - Lawfare
- The dangerous folly of “Software as a Service” | Armed and Dangerous
- Control, Freedom and Harm – Purism
- Ubuntu 19.10's ZFS TODO List Goes Public - A Lot To Of Work Left - Phoronix
- Azure Architect Study Guide – Service Endpoints
- Learn about AWS Services & Solutions – June AWS Online Tech Talks | AWS News Blog
- So long … | Oracle Scratchpad
- Examples of Machine Learning with Facial Recognition « Oralytics
- Homemade Turkish Salad Recipe -- Frugal, Paleo, Vegan, and Delicious | Penniless Parenting
- The seven deadly sins of personal finance
- DeployHappiness | PencilTramp – The Adventures of Passphrase Generation
- Continuous integration of machine learning models with ease.ml/ci – the morning paper
- Azure NetApp Files goes GA | Architecting IT
- Power over Ethernet: Things You Should Know About it
- Saving, Updating Text Files with PowerShell | KC's Blog
- Oracle Critical Patch Update - April 2019
- Deploy Sonarqube to Azure App Service Linux Containers using an Azure DevOps Pipeline – PowerShell, Programming and DevOps
- Video : Multitenant : Proxy PDB in Oracle Database 12.2 Onward | The ORACLE-BASE Blog
- Exposed database revealed security details for large hotel chains
- Wazuh
- Top 550+ Funny Passwords Ever Encountered
- Ransomware Attack on Vendor Affects 600,000 - HealthcareInfoSecurity
- Groups Ask FDA to Rethink Some Medical Device Cyber Proposals
- An Inside Look at a Level 4 Threat Hunting Program
- Georgia County Pays $400,000 to Ransomware Attackers
- EU Seeks Better Coordination to Battle Next Big Cyberattack
- The Future of Cybersecurity Education - Part 2
- The Future of Cybersecurity Education - Part 1
- Oregon Agency Reports Phishing Attack Affecting 350,000
- The Dark Side of Cybersecurity: Burnout - HealthcareInfoSecurity
- The Dangers of Unsecured Medical Devices - HealthcareInfoSecurity
- Analyzing the $7.5 Million UCLA Health Data Breach Settlement
- A proposed $7.5 million settlement of a class action lawsuit filed against ULCA Health in the wake of a 2015 cyberattack that affected 4.5 million individuals stands apart from most other breach-related settlements because it requires the organization to spend a substantial sum on improving its security, Under terms of the settlement, UCLA Health has agreed to spend at least $5.5 million beyond its current budget to expedite and implement cybersecurity enhancements to its computer network.
- Data Breaches in Healthcare Affect More Than Patient Data
- Meanwhile, Columbia, S.C.-based integrated healthcare delivery system Palmetto Health says it believes a recent phishing attack was aimed at trying to gain access to employee payroll information. Palmetto is undergoing a name change to Prisma Health as it completes a merger this year with Greenville Health System.
- Ransomware Attack Costs Norsk Hydro $40 Million - So Far
- What Led to a $4.7 Million Breach Lawsuit Settlement?
- $4.7 million to settle a lawsuit stemming from the theft of a portable hard disk drive from a self-storage unit. The drive contained information on about 1.2 million individuals - much of it unencrypted - that was gathered for an education research project
- Alerts: Vulnerability in Philips Records System
- Audit: HHS Info Security Program ‘Not Effective’
- The OIG report notes that auditors found weaknesses in five key cybersecurity framework areas, including:
Risk management;
Configuration management; identity and access management; data protection and privacy; and security training;
Information security continuous monitoring;
Incident response;
Contigency planning.
- DHS: Federal Agencies Need to Patch Vulnerabilities Faster
- Directive: 'Critical' Vulnerabilities Must Be Patched Within 15 DaysBinding Operational Directive (BOD) 19-02,critical vulnerabilities needed remediation within 30 days
- Health Data Breach Tally Update: What’s Been Added?
- $3 Million HIPAA Settlement in Delayed Breach Response Case
- $3 million HIPAA settlement in a case alleging that a medical imaging services provider delayed investigating and mitigating a breach involving patient information leaking onto the internet via a web server - and delayed notification of victims as well.
- Ransomware Increasingly Hits State and Local Governments
- Equifax's Data Breach Costs Hit $1.4 Billion - HealthcareInfoSecurity
- Costs Hit $1.4 Billion
- Executive Roundtable Recap: "Confessions of a Healthcare CISO"
- Top 5 Legal Tips for Tornado Damage and Insurance - FindLaw
- Auto-reload Celery on code changes | Celery how-tos and tutorials
- The mysterious history of the MIT License | Opensource.com
- Top 20 Best Linux VoIP and Video Chat Software in 2019
- The difference between resilient and reactive organizations | Opensource.com
- 27 Excellent Free Books to Learn all about R - LinuxLinks
- Under The Stairs: PowerShell 7 Is Here - Getting Started
- Texas Linux Fest 2019 Recap · major.io
- Red Hat Breathes New Life Into Java | Enterprise | LinuxInsider
- The SmarchWatch: An open-source smartwatch that you can build yourself - NotebookCheck.net News
- Towards an Information Operations Kill Chain - Schneier on Security
- SSH Honey Keys
- DevSecOps: 7 ways to address cultural challenges | The Enterprisers Project
- Introduction to Reinforcement Learning with Python
- Top 20 Best ML Algorithms For Both Newbies and Professionals
- DOD looks to publish software blacklist -- FCW
- A Better Route Planner & Other Open Source Projects Need Our Help | CleanTechnica
- 6 Open-Source Alternatives to Proprietary Software: Self-Hosted Applications | 256 Kilobytes
- Adobe Warns Users Someone Else Might Sue Them For Using Old Versions Of Photoshop | Techdirt
- davy wybiral: Always Secure Your localhost Servers
- Portainer: Web-Based Docker GUI For Remote Or Local Use - Linux Uprising Blog
- Kubernetes security: 5 mistakes to avoid | The Enterprisers Project
- TLS 1.0 and 1.1 Removal Update - Mozilla Hacks - the Web developer blog
- Safari, Firefox, Edge and Chrome are removing support for TLS 1.0 and 1.1 in March of 2020.
- Cthulhu: New open source chaos engineering tool for Java - JAXenter
- Cthulhu
- U.S. Businesses Pay, Remit 93 Percent of All Taxes Collected in America
- 9 List of Best Free Penetration Testing tools | H2S Media
- Easy and Delicious Chewy Gluten Free Vegan Chocolate Chip Cookies Recipe | Penniless Parenting
- Juli's Gluten Free Pasta Salad | Penniless Parenting
- How to write a business continuity plan: the easy way - IT Governance Blog
- Is your organisation equipped for long-term GDPR compliance? - IT Governance Blog
- Emotet: How to stop ‘the most destructive malware’ in existence - IT Governance Blog
- A Ransomware Victim Shares His Story - HealthcareInfoSecurity
- Tips on Tackling Medical Device Cybersecurity Challenges
- Minimizing Cloud Security Risks - HealthcareInfoSecurity
- Is Healthcare Sector Better Prepared for Ransomware Attacks?
- Misconfigured IT (Again) Leads to Big Health Data Breach
- Cloud-Based EHR Vendor Slapped With HIPAA Fine
- Under GDPR, UK Data Breach Reports Quadruple - HealthcareInfoSecurity
- Audit Identifies Australian Health Sector Security Weaknesses
- What CCPA Means to Security Leaders - HealthcareInfoSecurity
- Windows Notepad hack allows shell access | Born's Tech and Windows World
- Covert Channel: The Hidden Network
- Beginner’s Guide to Nessus
- CCIE Renewed Once More - Exam 400-101 v5.1 · Lindsay Hill
- PowerCat -A PowerShell Netcat
- Google Stored Business Customers’ Passwords in Plaintext on Its Servers… For 14 Years
- Exploring different Linux RAID-10 layouts with unbalanced devices – The ongoing struggle
- AI Universal Guidelines – thepublicvoice.org
- OECD Legal Instruments
- The Evolution of Cybercrime
- A Cybersecurity Checklist for Modern SMBs | Webroot
- The Ransomware Threat isn’t Over. It’s Evolving.| Webroot
- Cyber News Rundown: Massive Data Breach at Georgia Tech | Webroot
- Moody's Outlook Downgrade of Equifax: A Wake-up ...
- Former Student Admits to USB Killer Attack
- 55% of SMBs Would Pay Up Post-Ransomware Attack
- A Cybersecurity Guide for Digital Nomads | Webroot
- 7 Types of Experiences Every Security Pro Should Have
- 8 Personality Traits for Cybersecurity
- The eight traits the company said are indicative of a successful career in cybersecurity are modesty, altruism, composure, scientific, inquisitive, skeptical, responsive, and diligent.
- New Exploits For Old Configuration Issues Heighten ...
- WannaCry Lives On in 145K Infected Devices
- The Ransomware Dilemma: What if Your Local ...
- Open Security Tests Gain Momentum With More Lab ...
- GDPR's First-Year Impact By the Numbers
- My Ansible Roles | Calvin Bui
- RIP BBM: BlackBerry Messenger Shuts Down
- Running Systems » Blog Archive » SecureBoot and VirtualBox kernel modules
- WebLogic - JAVA_HOME in WebLogic, a nightmare? - Blog dbi services
- WebLogic - Upgrade of Java - Blog dbi services
- Chris's Wiki :: blog/solaris/ZFSDnodeIdsAllocation
- Why Linux RAID-10 sometimes performs worse than RAID-1 – The ongoing struggle
- Charlie Munger 2019 Wall Street Journal Interview Transcript — My Money Blog
- The Best Time To Plant A Tree Is Now — My Money Blog
- Charlie Munger: Financially Independent at Age 38 in 1962 — My Money Blog
- Munger’s example reaffirms that if you have a relatively high income, save a high percentage of that income, AND invest that money into productive assets, your net worth will grow quite quickly.
- Callan Periodic Table of Investment Returns 2019 — My Money Blog
- zerosum0x0: Avoiding the DoS: How BlueKeep Scanners Work
- Using osquery for remote forensics | Trail of Bits Blog
- Book Review – The Hacker Playbook 3: Practical Guide To Penetration Testing (Red Team Edition) – The Personal Blog of Sean Goodwin
- Interacting with FTP/SFTP using Powershell - Syspanda
- Benefits of Threat Modeling
- List of data breaches and cyber attacks in May 2019 – 1.39 billion records leaked - IT Governance Blog
- Equifax Expects U.S., Canada Watchdogs to Press Cases Over 2017 Breach - WSJ
- Healthcare reports highest number of data breaches: Study
- ONC Information Blocking Rule Raises Privacy and Security Concerns
- IT Security Vulnerability Roundup – May 2019
- Using Secure Configurations | Standardize Your Security - Linux Academy Blog
- As ONC Considers Info Blocking, IoT, Medical Device Guidance Needed
- States Imposing New Cybersecurity Requirements on Insurers
- cipl_principles_for_a_revised_us_privacy_framework__21_march_2019_.pdf
- privacy-framework-workshop-1-pre-read.pdf
- Proposed Overhaul of North Carolina Security Breach Notification Law Would Make It One of the Toughest in the Nation - Wyrick Robbins
- Global Privacy Push Drives Need for Security, Privacy Alignment
- Opinion | Why You Can No Longer Get Lost in the Crowd - The New York Times
- HHS Lowers Some HIPAA Fines - GovInfoSecurity
- The revised maximum annual penalties violations of HIPAA provisions are:
No knowledge - i.e. an entity did not know it was violating a provision - $25,000;
Reasonable cause, and not willful neglect - $100,000;
Willful neglect, but with timely correction (within 30 days) - $250,000;
Willful neglect that is not timely corrected - maximum annual penalty remains at $1.5 million.
- Belgian Data Protection Authority Releases 2018 Annual Activity Report | Privacy & Information Security Law Blog
- NIST launches development of a privacy framework
- New Jersey Amends Data Breach Law to Include Online Account Information | Privacy & Information Security Law Blog
- My Takeaways from the 2019 DBIR Report | Daniel Miessler
- How to use dnsenum for dns enumeration - Kali Linux
- Direct Liability of Business Associates | HHS.gov
- Useful links on various AWS topics | Techbrainblog
- Pi-Hole problem with dnsmasqd, LXD | Nelson's log
- BlueKeep vulnerability: Microsoft warns about a wormable malware epedemia | Born's Tech and Windows World
- The Fascinating World Of Solder Alloys And Metallurgy | Hackaday
- Staff break IT rules in order to do their jobs with management the worst offenders
- Pain Points in Mortgage Lending | Tallan Blog
- Home lab setup, part 1 -
- China Prepares To Drop Microsoft Windows -- Blames U.S. Hacking Threat | Tux Machines
- What I Learned Trying To Secure Congressional Campaigns (Idle Words)
- The Coming Cyber War
- AND…now comes digital transformation…
- NVMe on Linux | Network World
- What's new with Red Hat Enterprise Linux 8 and Red Hat Virtualization | Tux Machines
- Gigabyte's next-gen SSD shows the incredible potential of PCIe 4.0
- Files Exposed Online Hit 2.3 Billion - Server Message Block Worst Culprit
- 6 Ways to Check Which Versions of .NET Framework Are Installed
- How to Debug a Bash Script like a Boss – Linux Hint
- Kubernetes Storage on vSphere 101 - The basics: PV, PVC, POD - CormacHogan.com
- Our thoughts on the new Java release system
- 24 Google Docs Templates That Will Make Your Life Easier
- Power Outage Corrupted XFS Filesystem | How I Fixed It – CubicleNate's Techpad
- Global Privacy Concerns: The Top 5 Cities Using Invasive Tech | Webroot
- The 5 keys of an Operator’s Security Plan for a health service - Security Art Work
- Zero Day Initiative — The May 2019 Security Update Review
- Civil Engineering Explained | Diary of a Network Geek
- Errata Security: A lesson in journalism vs. cybersecurity
- Errata Security: Your threat model is wrong
- Managing Your Security Logs: More than Just Set and Forget - Delta Risk
- Zero Day Initiative — CVE-2019-0708: A Comprehensive Analysis of a Remote Desktop Services Vulnerability
- Configure Azure Service Endpoints for Web Applications #Azure #ASE #Endpoints #AzureServiceEndpoints #webapp #AzureDevOps | Robert Smit MVP Blog
- Go Memory Management - Povilas Versockas
- Go Memory Management Part 2 - Povilas Versockas
- Go Memory Management Part 3 - Povilas Versockas
- List all SPNs in Active Directory | Mohammed Wasay
- Linux RAID-10 may not always be the best performer, but I don’t know why – The ongoing struggle
- How to Install AzCopy for Azure Storage - Thomas Maurer
- Information Security Mental Models – Chris Sanders
- Nearly 1 million Windows machines with BlueKeep vulnerability | Born's Tech and Windows World
- Update: The “wormable” Win XP/Win7 RDP security hole, BlueKeep, still hasn’t been cracked @ AskWoody
- How to control what employees can view and edit in Delve User Profiles - SharePoint Maven
- Cloud : Who are the gatekeepers now? | The ORACLE-BASE Blog
- The IT world has changed. The traditional power bases are eroding, and you’ve got to adapt to survive. Every time you say “No”, without offering an alternative solution, you’re helping to make yourself redundant. Every time you say, “We will need to investigate it”, as a delaying tactic, you’re helping to make yourself redundant. Every time you ignore new development and delivery pipelines and platforms, you are sending yourself to an early retirement. I’m not saying jump on every bandwagon, but you need to be aware of them, and why they may or may not be useful to you and your company.
- IPv6 Support in Microsoft Azure « ipSpace.net blog
- Your Guide To A Successful Presentation -
- How to deal with a jet lag, a few tips from a frequent traveller. - robbeekmans.net
- Rules of a thumb
Flying to the US – long day ahead, keep busy until 9-10pm
Adjust your sleeping rhythm in the US to as close as possible to your home rhythm
Careful with the booze
Careful with the calories
Sleep when flying home, you have a long day ahead
Get up on time, no sleep over the first week
Keep busy the first few days, tire your body.. clean the house (help your partner for once ;). )
No coffee after 3pm (before; loads)
I noticed by following these rules I still feel the jet lag but sleep soon after going to bed (might take half an hour where otherwise I would sleep seeing the bed).
- Jaffar's (Mr RAC) Oracle blog: Network design for Oracle Cloud Infrastructure
- Linux Scripting, Part III – DBAKevlar
- Failure is Not an Option — It’s a Requirement! | The SSD Guy
- Stage 0: “If it ain’t broke, don’t fix it.” This is a reactive solution to issues as they arise, that combines a lack of understanding of the workload with a penchant to purchasing to higher specifications than actually required leading to high costs.
Stage 1: “Test in production… and pray!” In this scenario equipment is slowly ramped into production with expansion plans based on vendor specifications. In some cases this results in unexpected failures some months after deployment, with highly-visible disruptions.
Stage 2: “Validation with freeware tools.” More sophisticated than the preceding scenarios, this one still has its problems. A mix of tools, including IOMeter, IOZone, Dbench, Fstress, and others, were designed for smaller workloads than GoDaddy’s massive systems. Not only do they fail to resemble the actual load, but they prove cumbersome to use in this magnitude of a system.
Stage 3: “Validation with custom tests.” GoDaddy developed a test the company calls “SwiftTest” that has been specially designed for the correct type of validation. The tool validates against full scale operation loads on a realistic emulation of the company’s production workloads.
Most importantly, though, is that SwiftTest is ramped up over the course of a few days to find where a new component will predictably fail. By doing causing these failures the storage team at GoDaddy can accurately predict the conditions under which new resources will be required, without guesswork. They don’t over-buy, and they reduce storage system failures.
But the key point is that they hammer on a piece of equipment until it breaks, and use that knowledge to plan their resources. The system’s failure is key to this understanding. Failure is a requirement!
- Understanding disaster recovery options for SQL Server
- Why is HPE 3PAR not moving to NVMe SSDs (yet)? | Architecting IT
- Why local governments are a hot target for cyberattacks | CSO Online
- ESP8266 Upgrade Gives IKEA LEDs UDP Superpowers | Hackaday
- Auction for a laptop full of malware closes at $1.2 million
- A threat actor scans Windows systems for BlueKeep vulnerability | Born's Tech and Windows World
- SignalsEverywhere: ADS-B Aircraft Tracking with RTL-SDR, dump1090 and Virtual Radar Server
- Short Article Explaining DSP Basics Without Math
- Assessing your disk performance and your needs: Choosing your Azure storage disks (Part 3) – Dynamics AX in the Field
- Walmart's New Way To Cut Health Costs: Better Medical Imaging For Workers : Shots - Health News : NPR
- Accountability vs. responsibility | Seth's Blog
- PerfView Hard Core CPU Investigations (Using CPU Counters) on Windows 10 – Vance Morrison's Weblog
- Office 2016 vs. Office 365: Differences and Licensing | Windows OS Hub
- Pragmatic Debian packaging (2019) | Vincent Bernat
- Microsoft 365 Licensing Diagrams | Alexander's Blog
- Intel Loses 5X More Average Performance Than AMD From Mitigations: Report
- UPenn Medicine's AI tool for data analytics is open-source, free to the public
- OpenJDK 8 and 11: Still in safe hands - Red Hat Developer Blog
- Health Port: Creates Solution for Open Source Electronic Health Records
- Bluetooth's Complexity Has Become a Security Risk | WIRED
- WannaCry? Hundreds of US schools still haven’t patched servers [Updated] | Ars Technica
- How To Enable Or Disable SSH Access For A Particular User Or Group In Linux? | 2daygeek.com
- Moody's downgrades Equifax outlook to negative, cites cybersecurity
- Lack of Secure Coding Called a National Security Threat
- After 2 Years, WannaCry Remains a Threat - BankInfoSecurity
- Here's all the important stuff Google announced at I/O 2019
- MIT AI model is 'significantly' better at predicting breast cancer
- Super Micro will move chip production out of China to avoid spying claims
- A ransomware attack is holding Baltimore's networks hostage
- A parent's guide to raising a good digital citizen
- Hacker Summer Camp 2019 Preview · System Overlord
- Windows Incident Response: Lessons From Time In The Industry
- Geometry in Image Forensics – We are OSINTCurio.us
- Basics of Breach Data – We are OSINTCurio.us
- Security of Connected Vehicles - Part IRafeeq Rehman – Personal Blog
- Mod Security Web Application Firewall
- Scottish Government Security Basics
- Cyber Essentials
- Continuous Integration. Continuous Delivery. Continuous Security? - via @codeship | via @codeship
- Ubiquiti Networks - Training Courses
- Healthcare Exchange Standards: FHIR Security & Privacy activities
- Singapore eHealth - Innovative Technologies and Security ~ Cyber Thoughts
- Introduction to analysing full disk encryption solutions | DiabloHorn
- Sunlight for the Ransomware Data Recovery Industry
- Sodinokibi Ransomware Poised to Impact Larger Enterprises
- DHS-CERT Alert 10KBLAZE | Onapsis
- Beyond wealth: What happens AFTER you reach financial independence?
- An introduction to square-foot gardening
- Episode 19: Democratizing Cybersecurity | Linux Journal
- Blindered by the GDPR | Linux Journal
- All About ITIL Levels and Their Badges – Running Your Business
- Kubernetes security: 4 strategic tips | The Enterprisers Project
- WebAuthn Web Authentication with YubiKey 5 | Linux Journal
- Java mon amour: good old friend JMeter
- Vulnerability Management vendors and Vulnerability Remediation problems | Alexander V. Leonov
- Code IB 2019: Vulnerability Management Masterclass | Alexander V. Leonov
- First American security flaw leaked 885 million real estate documents
- Ransomware attacks in US cities are using a stolen NSA tool
- What Is UFS 3.0? — The Powerful Successor To microSD Memory Card
- Here Are The Companies Who Have Banned Huawei
- Huawei Cannot Use microSD Cards In Its Future Devices
- How to Weaponize the Yubikey - Black Hills Information Security
- Portable Retro Game Console with 7.9-inch display | Hackaday.io
- Sound Card ADCs For Electrocardiograms | Hackaday
- A Farmer’s Guide to Technology | Hackaday
- Faxsploit – Exploiting A Fax With A Picture | Hackaday
- What Happened With Supermicro? | Hackaday
- Picking the Right Sensors for Home Automation | Hackaday
- Making a Dash Button Update Your To-do List | Hackaday
- Forget Artificial Intelligence; Think Artificial Life | Hackaday
- Shadowhammer, WPA3, and Alexa is Listening: This Week in Computer Security | Hackaday
- Windows Utility Helps ID Serial Ports | Hackaday
- Building A Windows 10 1903 (May 2019 Update) Reference Image with MDT – Stick To The Script
- Deploying A Windows 10 1903 (May 2019 Update) Reference Image with MDT – Stick To The Script
- Configuring Oracle DB data source in JBoss EAP 7.1 - Blog dbi services
- Documentum - Delete Remote Docbase - Strange behavior - Blog dbi services
- The Smart Conference Badge We Almost Failed Shipping
- Everything We Know About SpaceX’s Starlink Network | Hackaday
- By The Numbers: Which Rapper’s Rhymes Are The Freshest? | Hackaday
- Protecting Information Assets and IT Infrastructure in the Cloud | Data Protection: Avamar, NetWorker, Data Domain, RecoverPoint, CSM
- US companies waste over two months a year resetting passwords
- .NET Framework is dead -- long live .NET 5
- Lack of security and operations basics leave businesses unprepared for breaches
- Three options companies should consider for backup & storage in 2019
- Reported data breaches up more than 56 percent
- Americans are overconfident about cybersecurity
- New privacy regulations mean your company needs better data management now
- 46 percent of organizations consider taking personal data out of the cloud
- New tool helps protect sensitive data on Oracle databases
- Half of companies missed GDPR compliance deadline
- Media server Serviio 2.0 adds multi-user streaming
- The changing landscape of cybersecurity
- Should I build a new media PC?
- Windows 10 V1903: Security Baseline final released | Born's Tech and Windows World
- David A. Wheeler's Blog
- GDPR one year on -- what have we learned and what happens next?
- 72 percent of cyber security professionals have considered quitting over lack of resources
- Cable Management Tips for Building Your New PC Like a Pro
- The 12 Best Search Engines to Explore the Invisible Web
- How to Install Windows 10 From a Bootable USB Drive
- Providing Healthcare Information Services in Small and Rural Libraries » Public Libraries Online
- The Illusion of "Doing Many Things" - briancasel.com
- If You Worry About 768K Day, You’re Probably Doing Something Wrong « ipSpace.net blog
- Ubiquitous VMware | Architecting IT
- Quick post: DISM and Features on Demand (FOD) | >_
- Talking to college students about information security · major.io
- Video: Finding Performance Bottlenecks of Windows Based Systems with PowerShell – Mike F Robbins
- Newbie Guide to Systems Engineering — ThinkCharles.net
- New – Opt-in to Default Encryption for New EBS Volumes | AWS News Blog
- Master VMware logging with these tools and strategies
- The problem with Googling for solutions | The ORACLE-BASE Blog
- Dissecting 190416 BP, PSU, RU and RUR - DBA - Rodrigo Jorge - Oracle Tips and Guides
- Re-partitioning | Oracle Scratchpad
- Storage Executive Software
- Some Thoughts on Program-Level College Scorecard Data – Robert Kelchen
- Digital Forensics vs. Computer Forensics - Data Narro, LLC
- SQL Injection Protection - Data Security and Privacy - Thomas LaRock
- Examples of using Machine Learning on Video and Photo in Public « Oralytics
- Oracle ACE Program : How you "align" matters! | The ORACLE-BASE Blog
- The Hidden Gem that is StorPool | Architecting IT
- Some Btrfs vs Ext4 random-read/write performance observations | Ctrl blog
- BlueKeep: Windows Remote Desktop Services vulnerability exploits status | Born's Tech and Windows World
- Microsoft Azure Networking Slide Deck Is Ready « ipSpace.net blog
- Measuring Linux IO read/write mix and size – The ongoing struggle
- Connecting Go Lang to Oracle Database « Oralytics
- Which JDK should I use now?
- Java 8 vs Java 11 - What are the Key Changes?
- 5 of the Best LaTex Editors for Linux - Make Tech Easier
- DevOps salaries: 10 statistics to see | The Enterprisers Project
- Open source thermostat runs openHAB on a Raspberry Pi Zero W
- Good News! Indian State Saves $428 Million by Choosing Linux
- CGroup Interactions | Linux Journal
- GitHub - arendst/Sonoff-Tasmota: Provide ESP8266 based itead Sonoff with Web, MQTT and OTA firmware using Arduino IDE or PlatformIO
- Red Hat enables Lockheed Martin to deliver F-22 Raptor upgrades - Help Net Security
- 5 Open Source Wi-Fi Hotspot Solutions - DD-WRT, CoovaAP - Reports - LinuxPlanet - Linux Today Blog
- PiShrink - Make Raspberry Pi Images Smaller - OSTechNix
- How to Encrypt Linux Partitions with VeraCrypt on Ubuntu
- Data in a Flash, Part II: Using NVMe Drives and Creating an NVMe over Fabrics Network | Linux Journal
- DLNA server with MiniDLNA under Linux / Raspberry Pi – Unixblogger
- Kubernetes - Role Based Access - The IT Hollow
- 88 Important Truths I’ve Learned About Life
- How to Get Longer Life Out of Your Dell Laptop Battery | b3n.org
- Activist hacking declined 95 percent since 2015
- Activist hacking declined 95 percent since 2015
- Career advice I wish I'd been given when I was young - 80,000 Hours
- The State of IT Transformation: Legacy Infrastructure Jeopardizes Transformation Initiatives | APMdigest - Application Performance Management
- Chris's Wiki :: blog/solaris/OmniOSNo10GCost
- Chris's Wiki :: blog/sysadmin/InspectingTLSWithCertigo
- Chris's Wiki :: blog/unix/XtermKeybinding
- Blockchain for Impact: Blockchain Revolution Global Event Wrap-Up | Beth's Blog
- Application-Focused Backups | Architecting IT
- 0day "In the Wild"
- Oracle GoldenGate 19c is available for download for Linux
- VDI 3D Graphics and Game Demo - Horizon, GRID, vGPU - The time I've wasted on technology...
- Outsourcing my life: Why I pay others to do tasks I could do myself
- ‘Temporary Insanity’ Returns To Wall Street – The Felder Report
- 6 Tech Trends Dominating DevOps in 2019 – Running Your Business
- 4 Reasons Why Using Resumonk Can Help You Land the job You've Always Wanted – Business Ideas
- 5 Amazing Statistics About Remote Companies – Business Ideas
- The Pink Tax: The Hidden Cost Of Being Female | Get Rich Slowly
- Should You Care About an Inversion in the Yield Curve? – Business Ideas
- Linux Scripting, Part II – DBAKevlar
- You Don’t Want To Be A Rock Star | The Networking Nerd
- Howto Reinstall WSUS from Scratch - The time I've wasted on technology...
- Start with "Why?" | Data Protection: Avamar, NetWorker, Data Domain, RecoverPoint, CSM
- Droplet Computing: The Drip, Drip Effect – Michelle Laverick…
- Mentoring Someone with Imposter Syndrome
- [Howto] ara – making Ansible runs easier to read and understand – /home/liquidat
- How to configure Windows Sandbox - Thomas Maurer
- Best Practices for Signing a Windows PowerShell Script
- Benchmarking Competencies for Digital Performance - Part 1 | APMdigest - Application Performance Management
- Setup SSH Keys on Ubuntu 18.04 - Low End Box Low End Box
- The Mythical Eight Hour Workday – Ethan Banks
- Get Shortcut contents in Powershell – Dimitri's Wanderings
- Powershell criticism: Part 2 – Dimitri's Wanderings
- Powershell criticism part 1 – Dimitri's Wanderings
- Start Stop service rights to non administrators – Dimitri's Wanderings
- Architecture for the cloud vs. on-premises – Dimitri's Wanderings
- Free Disk space on Windows drive – Dimitri's Wanderings
- Chris's Wiki :: blog/linux/AlpineOverNFSFix
- Chris's Wiki :: blog/linux/Ubuntu1804OddKernelPanic
- Data Breach revealed 1.5 Million Freedom Mobile Customers | Born's Tech and Windows World
- BitLocker management in enterprise environments | Born's Tech and Windows World
- Fifty Questions to Ask a Startup Founder During an Informational Interview — Stephanie Hurlburt
- Oracle 18c and 19c on Oracle Linux 8 (beta) | The ORACLE-BASE Blog
- Oracle Senior Architect: Web Logic Server 11g
- Writing Linux Scripts- Part I – DBAKevlar
- Top 10 Oracle E-Business Suite Security Risks | Integrigy
- Ethics in the AI, Machine Learning, Data Science, etc Era « Oralytics
- Python transforming Categorical to Numeric « Oralytics
- Data Sets for Analytics « Oralytics
- Guide to using and installing WSUS on Windows Server Core 2019 - The time I've wasted on technology...
- Machine Learning Tools and Workbenches « Oralytics
- APEX Connect 2019 - Day 3 - Blog dbi services
- APEX Connect 2019 - Day 2 - Blog dbi services
- APEX Connect 2019 - Day 1 - Blog dbi services
- IT And The Exception Mentality | The Networking Nerd
- VCP6.7-DCV Objective 7.15 - Utilize VMware vSphere Update Manager (VUM) | ESX Virtualization
- Fxmsp Chat Logs Reveal the Hacked Antivirus Vendors, AVs Respond
- Data Protection in a Multi-Cloud World | Architecting IT
- Making the Case for SAN 2.0 | Architecting IT
- QLC NAND - What can we expect from the technology? | Architecting IT
- SQL Server 2017 RTM CU14 + GDR Released - Microsoft Tech Community - 566368
- OS/2 Museum | OS/2, vintage PC computing, and random musings
- VCDX181.com - SAP grants support for SAP HANA 2.0 on VMware...
- Run WSUS cleanup and index script on Windows Server Core without SQL Management Studio - The time I've wasted on technology...
- VCP6.7-DCV Objective 2.3 - Describe the options for securing a vSphere environment | ESX Virtualization
- Apple Patches ZombieLoad Vulnerabilities - TidBITS
- Best Creamy Lemon Parmesan Chicken Recipe - How to Make Creamy Lemon Parmesan Chicken
- CLI Still Sucks for Automation · Lindsay Hill
- Amazon S3 Path Deprecation Plan – The Rest of the Story | AWS News Blog
- How to list the naa-numbers of LUNs and VMware VMFSs on a Dell EMC Unity system - 50mu - about storage
- Tom's Top Ten Things Executives Should Know About Software - ACM Queue
- SAP on AWS Update – Customer Case Studies, Scale-Up, Scale-Out, and More | AWS News Blog
- A List Of What Makes WiFi 6 Technically Better ? - EtherealMind
- CCNA Training » OSPF Neighbor Sim
- Real-Life Data Center Meltdown « ipSpace.net blog
- Webcast – Install & Configure SQL Server with PowerShell DSC | SQLvariations: SQL Server, a little PowerShell, maybe some Power BI
- Chatterbox is a DIY Kids Smart Speaker that Features Open-Source and Private Voice Assistant, Mycroft - Voicebot
- Top list of computer forensics software – Linux Hint
- Chris's Wiki :: blog/tech/TLSCertificateIdentity
- Turbonomic 2019 State of Multi-Cloud Report – vcdx133.com
- Japan Is Developing First Computer Virus To Prevent Cyber Crimes
- Adding USB 3.0 Drivers to Windows 7 Install Media | Windows OS Hub
- Improving Application Performance with NVMe Storage - Part 1 | APMdigest - Application Performance Management
- New Security Baseline for both Windows 10 and Windows Server | KC's Blog
- Powershell Backup Script-Sharing Knowledge | Erwin Bierens Blog
- CentOS 7 – Windows Active Directory Integration using SSSD | geekdudes
- The Idiot made a Smart Mirror – Jon Spraggins
- Powershell Enable / Disable / Set / Show Windows Web Proxy-Sharing Knowledge | Erwin Bierens Blog
- How to import your existing SSH keys into your GPG key ! even the horse knew
- How to manage multiple SSH keys | Opensource.com
- Dell Technologies World 2019 – (Fairly) Full Disclosure | PenguinPunk.net
- D4stiny (Bill Demirkapi) · GitHub
- 18 Quick 'lsof' command examples for Linux Geeks
- Raspberry Pi Streams Music Using Only the Default Linux Tools | Hackaday
- Open source security: The risk issue is unpatched software, not open source use - Help Net Security
- How to geotag photos on Linux with Otto | Tōkyō Made
- Data in a Flash, Part I: the Evolution of Disk Storage and an Introduction to NVMe | Linux Journal
- Routing from a single public IP with Azure Firewall -
- dnsperf | DNS-OARC
- GitHub - DNS-OARC/flamethrower: a DNS performance and functional testing utility (by @NS1)
- New Features Coming to Debian 10 Buster Release - It's FOSS
- Dell Technologies World 2019 – Media Session – Architecting Innovation in a Multi-Cloud World – Rough Notes | PenguinPunk.net
- Dell Technologies World 2019 – Wednesday General Session – Optimism and Happiness in the Digital Age – Rough Notes | PenguinPunk.net
- Dell Technologies World 2019 – Tuesday General Session – Innovation to Unlock Your Digital Future – Rough Notes | PenguinPunk.net
- Dell Technologies World 2019 – Monday General Session – The Architects of Innovation – Rough Notes | PenguinPunk.net
- Dell EMC Announces Unity XT And More Cloudy Things | PenguinPunk.net
- Free Veeam VMCE Study Guide Download | ESX Virtualization
- New – Amazon Managed Blockchain – Create & Manage Scalable Blockchain Networks | AWS News Blog
- New – Amazon S3 Batch Operations | AWS News Blog
- Building Serverless Pipelines with Amazon CloudWatch Events | AWS News Blog
- hashing - Is there a built-in checksum utility on Windows 7? - Super User
- certUtil -hashfile pathToFileToCheck [HashAlgorithm]
- Design BOMs & my vSAN licensing cheat sheet mind map – Elastic Sky
- vCenter Server Appliance CLI - JSON Creator · davidstamen.com
- Blue circle in the vSphere client after upgrading to vCenter Server 6.7 Update 2 - ivobeerens.nl
- Unimus
- PCI ASV Partners - Clone Systems, Inc.
- AWS re:Inforce 2019 – Security, Identity, and Compliance | AWS News Blog
- Network Security right from the Beginning – Introducing DHCP-over-TLS (DoT) •
- CISSP certificate - II. Personal experience - Security Art Work
- CISSP certificate - I - Security Art Work
- Helping CISOs and Board Members Communicate on Risk: A Shared Assessments Summit 2019 Recap | Security Architects Partners
- Windows Incident Response: Registry Transaction Logs, pt II
- Windows Incident Response: Latest Testing: The Windows Registry, pt I
- Windows Incident Response: LNK Files In The Wild
- Unhardened Web Servers in Tor Have No Anonymity – We are OSINTCurio.us
- Certificates: The OSINT Gift that Keeps on Giving… – We are OSINTCurio.us
- Basic OPSEC Tips & Tricks for OSINT researchers – We are OSINTCurio.us
- So You Want to Red Team? · System Overlord
- The Difference Between Classical Liberalism and Libertarianism | Daniel Miessler
- Cybersecurity | Daniel Miessler
- The Difference Between Goals, Strategies, Metrics, OKRs, KPIs, and KRIs | Daniel Miessler
- Optimizing a Security Assessment Engagement
- Django vs. the OWASP Top 10 - Part 1
- SANS Digital Forensics and Incident Response Blog | A few Ghidra tips for IDA users, part 2 - strings and parameters | SANS Institute
- SANS Digital Forensics and Incident Response Blog | A few Ghidra tips for IDA users, part 1 - the decompiler/unreachable code | SANS Institute
- SANS Digital Forensics and Incident Response Blog | A few Ghidra tips for IDA users, part 0 - automatic comments for API call parameters | SANS Institute
- Robert Penz Blog » Howto install Wireguard in an unprivileged container (Proxmox)
- Security baseline (DRAFT) for Windows 10 v1903 and Windows Server v1903 – Microsoft Security Guidance blog
- The Azure Security Model, Part 1 - Access Control Basics
- Cyber Security First Step for Industrial IoT - JPCERT/CC Eyes | JPCERT Coordination Center official Blog
- SOAR: Doing More with Less
- Google Online Security Blog: Gmail making email more secure with MTA-STS standard
- Google Online Security Blog: The Android Platform Security Model
- Errata Security: Programming languages infosec professionals should learn
- USWDS: The United States Web Design System
- Throw Away Drives | Diary of a Network Geek
- California Assembly’s Privacy Committee Votes to Weaken Landmark Privacy Law | Electronic Frontier Foundation
- Hardware Hacking 101 - Lesson 3: Abusing UART (U Are RooT) - The Ethical Hacker Network
- The growing demand for managed detection and response (MDR) | CSO Online
- Navigating the AI hype in security: 3 dos and 2 don'ts | CSO Online
- Why your business continuity and disaster recovery plans should account for EMP attacks and GMD events | CSO Online
- GandCrab attackers exploit recently patched Confluence vulnerability | CSO Online
- Facebook Setting Aside Up To $5 Billion For Privacy Violations : NPR
- Ransom amounts rise 90% in Q1 as Ryuk increases
- Guide: Three Pillars of Preventing Business Email Compromise and Wire Fraud
- Why Asset Management is so important for Vulnerability Management and Infrastructure Security? | Alexander V. Leonov
- After Pentagon Ends Contract, Top-Secret Scientists Group Vows To Carry On : NPR
- Cumulative Update #17 for SQL Server 2014 SP2 - Microsoft Tech Community - 462772
- Largest Leak in History: Email Data Breach Exposes Over Two Billion Personal Records - CPO Magazine
- Multiply time by asking 4 questions about the stuff on your to-do list |
- Java mon amour: Jenkins enable project based security
- Java mon amour: WebLogic Security documentation
- The Wistar network emulator | Open-Source Routing and Network Simulation
- 3 Flourishing Sales Funnel Examples You Ought to Learn From – Online Businesses
- Oracle Security Alert CVE-2019-2725
- Intel’s Optane: Two Confusing Modes. Part 3) App Direct Mode | The SSD Guy
- Oracle Database 19c (19.3) : Installations, RAC, Data Guard etc. | The ORACLE-BASE Blog
- ncubeeight: My 20 years of web
- Learn Ansible By Doing With These Courses And Hands-On Labs - Linux Academy
- Early warning system | Joinup
- blueprint for clinician-led open software design.
- iLO recovery broken flash | panticz.de
- Set Up ParseDMARC on Ubuntu 18.04, 16.04 Server to Analyze DMARC Reports
- VMware ESXi Boot Failure from USB or SD Card with HPe iLO Amplifier and InfoSight - The time I've wasted on technology...
- Blue Zones: Financial Lessons From the World’s Oldest People — My Money Blog
- Big Data Is Big Business: Here's How to Become a Data Analyst
- Market Guide for Cloud Workload Protection Platforms - Virsec Systems
- Kanboard 1.2.7 Multiple Vulnerabilities
- Threat Modeling Methodology | OCTAVE, STRIDE, PASTA,Trike, VAST
- ZeroSec - Adventures In Information Security
- ZephrFish (ZephrFish) / Repositories · GitHub
- DNS Service Discovery (DNS-SD)
- CoreDNS: DNS and Service Discovery
- Pragmatic Blog: Denis Rechkunov – Paranoid Habits. Security Tips
- Understand Your Sphere of Control | #Resolve2015 | Keri Duce | Gross, Point-Blank
- Shadowing RDS 2012 Sessions – Ryan Mangan's IT Blog
- GitHub - gabemarshall/eversec_ctf: Public repo for the Eversec CTF.
- Correlating build numbers and versions of VMware products (1014508)
- MARS_GUUG2016.pdf
- Thomas_Schoebel-Theuer_-_MARS_Light__Replicating_Block_Devices_over_Long_Distances.e2308.pdf
- The World's Largest Repository of Historical DNS data
- Tell it to your Teddy Bear | Talk About Quality
- Red Team Toolkit Essentials, Tim Roberts
- Introducing: Detection Lab – Chris Long – Medium
- Active Directory Visualization for Blue Teams and Threat Hunters
- Three ways to pass credentials in a Powershell Script | Energized About PowerShell
- Export all windows domain computers to CSV from windows | SvennD
- EU law could fine sites for not removing terrorist content within an hour
- GitHub - clong/DetectionLab: Vagrant & Packer scripts to build a lab environment complete with security tooling and logging best practices
- The Journey to Try Harder: TJnull’s Preparation Guide for PWK/OSCP | NetSec Focus
-
- DNS Ping Scans via Open Resolvers
- Cybersecurity Bill Of Materials For Medical Devices: What’s Next
- SPNEGO - Wikipedia
- IEZoneAnalyzer v3.5 with Zone Map Viewer – Microsoft's USGCB Tech Blog
- Slido - Audience Interaction Made Easy
- Sidewalk Labs' street signs alert people to data collection in use
- CIA claims Huawei is funded by Chinese state security
- Chris's Wiki :: blog/links/SystemDashboardDesign
- Using SetupDiag.exe to Diagnose Windows 10 Upgrade Errors | Windows OS Hub
- Organizations Fail to Test Cybersecurity Incident Response Plans | APMdigest - Application Performance Management
- How to Use the Microsoft Anti-Malware Script Interface
- Java and Tomcat Updates : Vagrant and Docker | The ORACLE-BASE Blog
- Linux Server Hardening Using Idempotency with Ansible: Part 3 | Linux.com | The source for Linux information
- Cloud Security » Linux Magazine
- WOPR: Security Loses Some of its Obscurity | Hackaday
- Transcending the Stack with the Right Network Protocol | Hackaday
- The CD Is 40, The CD Is Dead | Hackaday
- The fast WekaIO file system saves you money! - FastStorage
- Digital Trust & Safety: Go beyond fraud prevention with Sift | Sift
- RSS Guard 3.5.7 - Neowin
- VSCodium - The advanced editor
- Top 25 Best Free Medical Imaging Software for Linux System
- Cops Are Increasingly Using Google's Location History Data To Nab Criminals
- Driftnet on Debian: Sniffing images within a network – Linux Hint
- Data Collection Standards in Privacy Legislation: Proposed Language - Lawfare
- Principles of AI Governance and Ethics Should Apply to All Technologies - Lawfare
- Estate Planning for Your Digital Assets: Smart Planning for Your Digital Demise | DennisKennedy.Blog
- Skills for Tech Pros of Tomorrow - Part 1 | APMdigest - Application Performance Management
- Using SSH Keys to connect to your VPS – Low End Box
- Linux Blackhole Tutorial – Adding and Removing A Null Route – Low End Box
- Create Team and Channels with PowerShell |
- Home Lab Information Management – Notes from MWhite
- Monoprice Maker Ultimate 3D Printer Review: Part 1 - set up and initial print
- Is it Elastalert? No – it’s NiFi!! – David Vassallo's Blog
- Consuming Netflow using NiFi – David Vassallo's Blog
- Early Retirement Extreme: — a combination of simple living, anticonsumerism, DIY ethics, self-reliance, resilience, and applied capitalism
- What is a zombie (comatose) server, and why should I care?
- Dread Pirate Roberts 2, the 'guiding mind' of Silk Road 2.0, jailed for over 5 years
- Thomas White, the founder of notorious website Silk Road 2.0, has been jailed for five years and four months by a UK court.
White, also known as Dread Pirate Roberts 2, was charged with not only running Silk Road 2.0 -- the site through which he earned hundreds of thousands of dollars per day on the dark web
Silk Road 2.0 had been set up by White with Blake Benthall (also known as DefCon) from the US after the FBI closed down the original Silk Road marketplace in 2013. White's pseudonym (or one of them, at least), was a nod to Ross Ulbricht, who was arrested for running the first site and used the name Dread Pirate Roberts.
- 2019 Women in Tech Report - HackerRank
- Tax identities up for sale on the dark web
- previous year's W-2 forms and 1040 forms available on the dark web at relatively low cost, ranging from $1.04 to $52. Names, social security numbers and birthdates can be obtained for a price ranging from $0.19 to $62.
There are also how-to guides on illicitly cashing out tax returns available for as little as $5.
- PC-as-a-Service or managed device services? The difference matters
- 61 percent of CISOs believe employees have leaked data maliciously
- 79 percent of IT leaders believe that employees have put company data at risk accidentally in the last 12 months, and 61 percent believe they have done so maliciously.
- 8 out of 10 top vulnerabilities target Microsoft products
- Eight out of 10 vulnerabilities exploited via phishing attacks, exploit kits, or RATs were targeting Microsoft products.
- 802.11ax Is NOT A Wireless Switch | The Networking Nerd
- Data center and server room considerations: What you need to know
- New VMware Security Advisory VMSA-2019-0006 - VMware Security & Compliance Blog - VMware Blogs
- Rubrik Color-Coded VM Backup Reports – Virtually Sober
- An Intro to OpenCensus - SFlanders
- virt-install + nbdkit live install | Richard WM Jones
- The Wide World of Microsoft Windows on AWS | AWS News Blog
- Windows 10 1809 and later slow on VMware | blog.erben.sk
- The issue is identified to be due to some guest OS behavior change in this version of windows 10, 1809 w.r.t thin provisioned disks and snapshots, this has been confirmed as a bug and will be fixed in the following releases – 6.5 U3 and 6.7U3, which will be released within End of this year (2019).
- 3-2-1 Backup Best Practices Using the Cloud
- 3 types of Navigation in SharePoint Online - SharePoint Maven
- The world of cybersecurity in numbers
- OSINT Framework | KC's Blog
- The EU releases guidelines to encourage ethical AI development
- Log2Ram: Extending SD Card Lifetime for Raspberry Pi LoRaWAN Gateway | MCU on Eclipse
- Under The Stairs: PowerShell 7 - Coming Soon!
- Windows hard disk space disappears – Offline files – MILOSZENGEL.com
- Lynis Overview & Installation – Low End Box
- Protecting the privacy interests of others – Blog FiascoBlog Fiasco
- Comparing and Syncing IIS Configurations - Devops Blog
- Top Colleges Aren't What You Think : NPR
- How To SlipStream Latest VMware ESXi patches into an Installation ESXi ISO File | ESX Virtualization
- Artificial Intelligence Could Improve Mammogram Accuracy : Shots - Health News : NPR
- Freed from storage failure by FreeNAS - MYstIC G
- Vrnetlab: Emulate networks using KVM and Docker | Open-Source Routing and Network Simulation
- Screen and Web scraping
- Automatic Clean-and-Updated Firewall Ruleset « ipSpace.net blog
- First Look: Microsoft Healthcare Bot | Tallan Blog
- 15 Practical Python Set Examples with a Sample Program
- Understanding lifecycle management complexity of datacenter topologies | the morning paper
- CephFS: a beginner's guide – Marksei
- joeware – never stop exploring… :) » Blog Archive » LDAP Ping and Determining Your Machine’s Site
- Cloud computing simplified: a Berkeley view on serverless computing | the morning paper
- Let’s talk about trace flags - Microsoft Tech Community - 386061
- Cumulative Update #16 for SQL Server 2014 SP2 - Microsoft Tech Community - 391101
- What if the Actual Execution Plan was always available for any query? - Microsoft Tech Community - 393387
- How To Configure a Shared Mailbox in Office 365. – TDSheridan Lab
- An example why NAT is NOT security | Sebastian Neef - 0day.work
- Active Directory Audit: Why and How | Security Architects Partners
- Ansible Dynamic Inventory for Proxmox | Lisenet.com :: Linux | Security | Networking
- Healthcare Exchange Standards: State of Healthcare Provenance today
- The 12 Worst Serverless Security Risks
- Install OpenVAS (GVM) on Kali 2019
- How CISOs should respond to the cybersecurity crisis
- The Role of Analytics in Protecting Healthcare Data Privacy and Security
- Trojan Horses for the Mind, Part 2 of Building Impactful Security Awareness Messaging
- Trojan Horses for the Mind
- Threat Detection for your Network using Kfsensor Honeypot
- Comprehensive Guide on Netcat
- In its ransomware response, Norsk Hydro is an example for us all
- Historical Communications Security | Diary of a Network Geek
- The buzz at RSA 2019: Cloud security, network security and more | CSO Online
- Under Attack: Over Half of SMBs Breached Last Year
- Threat Hunting 101: Not Mission Impossible for the ...
- 40% of Organizations Not Doing Enough to Protect ...
- 20 Years of STRIDE: Looking Back, Looking Forward - ...
- Adam Shostack
- 6 Essential Skills Cybersecurity Pros Need to ...
- The Matrix at 20: A Metaphor for Today's ...
- 12 tips for effectively presenting cybersecurity to the board | CSO Online
- Windows security updates that require new registry keys | CSO Online
- 7 keys to a successful IT security career | CSO Online
- The 6 biggest ransomware attacks of the last 5 years | CSO Online
- Cr1ptT0r Ransomware Targets NAS Devices with Old Firmware
- Dharma ransomware recovery rates fall as ransom demands skyrocket
- How to rotate your source IP address - Black Hills Information Security
- Oracle mail warns about a critical Java 8 update coming | Born's Tech and Windows World
- Security: Windows-Spoofing via .reg files | Born's Tech and Windows World
- Patch Lady – Domain admins and issues with KB4489878 @ AskWoody
- DTrace for Windows available | Born's Tech and Windows World
- This free AI reads X-rays as well as doctors
- What about a 3D Printed Mini-ITX NAS Case? - briancmoses.com
- Treat staff like adults and equals | The IT Skeptic
- Invalid State of a Virtual Machine on VMWare ESXi | Windows OS Hub
- 4 ITSM Priorities for Digital Transformation | APMdigest - Application Performance Management
- Under The Stairs: Moving from PowerShell Journeyman to PowerShell Master
- How to Fix “Trust relationship has failed” Error
- Upgrade Windows Server from Evaluation to Full
- Desired State Configuration in PowerShell
- Attach a USB Device to a Virtual Machine in VMware
- How to Split a Windows Image File (WIM to SVM)
- Automating The Installation Of VMware ESXi With PowerCLI
- VMware: Change IOPS Limit From 1000 to 1 | PeteNetLive
- Quick and Dirty Image Factory with MDT and PowerShell | Keith's Consulting Blog
- Do You Need to Update KRBTGT Account Password? | KC's Blog
- Chris's Wiki :: blog/tech/NVMeAndTechChange
- Chris's Wiki :: blog/sysadmin/OurDNSCircularDependency
- Check if Powershell Script is Running as Administrator using Snippet
- Product roadmaps are inferior to product forecasts – Blog FiascoBlog Fiasco
- Exploiting Poor SMB Configuration – ls /blog
- gallery-dl - Download Image Galleries And Collections From The Command Line - Linux Uprising Blog
- code integrity vs data security
- The impact of the GDPR - privacy matters
- openDCIM - Open Source Data Center Infrastructure Management
- Security clashes with cloud: Offensive Security CEO talks cultural mindsets, leadership challenges | ZDNet
- radare
- FinalCrypt - Free One Time Pad Encryption
- GitHub - google/grr: GRR Rapid Response: remote live forensics for incident response
- MIG: Mozilla InvestiGator
- GRR Rapid Response: remote live forensics for incident response - LinuxLinks
- IOInsight
- As Built Report | Tim Carman
- Chinese Woman Carrying Malware Allegedly Got Into Mar-a-Lago
- Mar-a-Lago's Security Problems Go Way Beyond a Thumb Drive | WIRED
- Latest Ransomware 'Xwo' Attacks PCs With Default Passwords
- Xwo
- Format your log messages in Python - Blog - syslog-ng Community - syslog-ng Community
- Security Researchers say Half Of Industrial Control System Networks Have Faced Cyber Attacks – ls /blog
- 5 open source tools for teaching young children to read | Opensource.com
- USB4: What this future standard means for USB chaos and Thunderbolt 3 | PCWorld
- The Best Antivirus Programs for Ubuntu - Make Tech Easier
- Different Ways To List Directory Contents Without Using ls Command
- Automation Could Help Organizations Manage Risk: Cybersecurity Research
- Episode #206 Running Django in Production - [Talk Python To Me Podcast]
- Former Senate IT worker pleads guilty to doxxing senators on Wikipedia
- Microsoft is shutting down its HealthVault patient record service
- US Household Spending Breakdown: Top 20% vs. Bottom 20% — My Money Blog
- My life philosophy: 50 lessons from 50 years
- The Best Business Books for Students Who Want to Be Financially Literate
- UN says US fears over Huawei’s 5G are politically motivated
- HCIBench 2.0 is Here! — ThinkCharles.net
- Indian health agency exposes details on millions of pregnant women
- Oracle 18c/19c and ActiveDirectory – Laurent Schneider
- The Renaissance of Data ONTAP | Architecting IT
- Windows Server 2019 Licensing Calculator - VirtuallyInclined.com
- Windows Server 2019 Comparison | Microsoft
- An Intro to Observability - SFlanders
- Datera and the Rise of Enterprise Software-Defined Storage | PenguinPunk.net
- New Veeam Backup & Replication Community Edition for home labs is free! | TinkerTry IT @ Home
- Terence Luk: Using wmic (Windows Management Interface Command) to remotely uninstall applications
- VAST Data – No More Tiers Means No More Tears? | PenguinPunk.net
- Glenn K. Lockwood: VAST Data's storage system architecture
- VAST decouples compute and storage – Blocks and Files
- VAST Data's Universal filesystem – Blocks and Files
- VAST Data: The first thing we do, let's kill all the hard drives – Blocks and Files
- Spectre/Meltdown Performance Impact Across Eight Linux Distributions - Phoronix
- Backups | Roadmap to Securing Your Infrastructure - Linux Academy Blog
- Wiping harddisks in 2019 - Daniel Lange's blog
- Essential System Tools: Firejail - Excellent Security Sandboxing - LinuxLinks
- Protection Poker: An agile game for mitigating risk | Opensource.com
- Antennas in Linux | Linux Journal
- Kali Linux Forensics Tools – Linux Hint
- SMB Exploited – ls /blog
- Being open builds trust | Joinup
- 25 Most Common IoT Security Threats in an Increasingly Connected World
- Economical append-only offsite backups with restic and Wasabi on Debian 10
- AWS Careers: On the Road to All 9 AWS Certifications - Linux Academy Blog
- MITRE names The Document Foundation as a CVE Numbering Authority (CNA) - The Document Foundation Blog
- How to install the OpenVAS security audit tool on Ubuntu Server 18.04 - TechRepublic
- sudo add-apt-repository ppa:mrazavi/openvas
sudo apt-get update
sudo apt install sqlite3 openvas9 libopenvas9-dev -y
sudo greenbone-nvt-syncsudo greenbone-scapdata-sync
sudo greenbone-certdata-sync
sudo systemctl restart openvas-scanner
sudo systemctl restart openvas-manager
sudo systemctl restart openvas-gsa
sudo systemctl enable openvas-scanner
sudo systemctl enable openvas-manager
sudo systemctl enable openvas-gsa
sudo openvasmd --rebuild --progress --verbose
sudo openvas-check-setup --v9
- SAP Open Sources Java SCA Tool
- Why Trust Is Key for Cyber-Security Risk Management
- Open Source Healthcare Visualizations
- “Severe” ransomware attack cripples big aluminum producer | Ars Technica
- Happy Birthday SAP Linux Lab! | e3zine.com
- NetBIOS Auxiliary Modules – ls /blog
- HAProxy - a journey into multithreading (and SSL)
- 10 Excellent Web Project Management Software - LinuxLinks
- These are the most insecure programming languages | ZDNet
- How Lockergoga took down Hydro — ransomware used in targeted attacks aimed at big business
- LockerGoga: The Dangerously Changing Face Of Ransomware
- What You Need to Know About the LockerGoga Ransomware - Security News - Trend Micro USA
- Configure two node Squid (Proxy Server) Clustering using Pacemaker on CentOS 7 / RHEL 7
- The Ingredients of a Successful Digital Transformation Strategy
- GitHub - edmunds/shadowreader: Serverless load testing for replaying production traffic. Powered by AWS Lambda.
- CopperheadOS' Android Pie update is now available for the Pixel & Pixel 2
- CopperheadOS
- 5 Ceph storage questions answered and explained
- Digital transformation, cultural modernization cannot be mutually exclusive - Federal News Network
- How to Set Up OpenStreetMap Tile Server on Ubuntu 18.04
- DSHR's Blog: Compression vs. Preservation
- Key takeaways on upgrading to Java 12
- JAVA 12 Series Index
- Quick guide to typeperf for Windows performance monitoring | Erik Wramner
- Oracle E Business Suite and Java Security What You Need to Know | Integrigy
- Oracle RAC vs. SQL Server AG – DBAKevlar
- DeployHappiness | Making Life Hard for a Phisher – How to Report a Phishing or Malicious Website
- Fast copies with Solaris 11.4 | rootpool
- Intel’s Optane: Two Confusing Modes. Part 2) Memory Mode | The SSD Guy
- Intel’s Optane: Two Confusing Modes. Part 1) Overview | The SSD Guy
- I can't stand world backup day | Data Protection: Avamar, NetWorker, Data Domain, RecoverPoint, CSM
- PSA: Isilon L3 cache does not enable with a 1:1 HDD:SSD ratio - FastStorage
- How To Install SQL Server 2019 on Linux (CentOS) - Mohammad Darab
- DHS issues warning about Medtronic implantable defibrillator flaws
- iTWire - Norwegian firm attack likely through Microsoft Active Directory: claim
- Norsk Hydro
- Benchmarking A 10-Core Tyan/IBM POWER Server For ~$300 USD - Phoronix
- Oracle vs. SQL Server Architecture – DBAKevlar
- iLO - IPMI on HP servers | panticz.de
- 40 Linux Server Hardening Security Tips [2019 edition] - nixCraft
- Bare-Bones Monitoring with Monit and RRDtool | Linux Journal
- There’s Something About Service Accounts – Active Directory Security
- What is SNIA’s Persistent Memory Programming Model? | The SSD Guy
- Terence Luk: Security tab for Internet Explorer 11 displays a lock key icon for Internet, Local intranet, Trusted sites, and Restricted sites zones
- Docker tips and tricks for your Go projects | Marco Franssen
- VCP6.7-DCV Objective 1.10 - Describe a virtual machine (VM) file structure | ESX Virtualization
- New – Gigabit Connectivity Options for Amazon Direct Connect | AWS News Blog
- Azure Blueprints: ISO27001 Shared Services - Eric’s Azure Blog
- GitHub - StreisandEffect/streisand: Streisand sets up a new server running your choice of WireGuard, OpenConnect, OpenSSH, OpenVPN, Shadowsocks, sslh, Stunnel, or a Tor bridge. It also generates custom instructions for all of these services. At the end of the run you are given an HTML file with instructions that can be shared with friends, family members, and fellow activists.
- vSphere 6.7 Basics – Part 2 – vCenter Server Appliance Install – vcdx133.com
- Migrating DB2 Databases to Azure – DBAKevlar
- Nested ESXi Templates - EverythingShouldBeVirtual
- Azure Blueprints - Eric’s Azure Blog
- Putting AWS security services to work for you | AWS News Blog
- Alien Pastures » Explorations into the world of electronic music production
- 100 Useful Vim Commands That You'll Need Every day
- The Quiet Spread of Data Brokers Selling Your Personal Information - TidBITS
- Windows Persistence with PowerShell Empire
- Businesses Warned of Malware Spread via LinkedIn Job Offers
- Thousands of patients impacted by ransomware attack at medical billing company
- Episode 008 - What is Software Testing? - The Evil Tester Show - EvilTester.com
- Are there any programming Katas related to testing? - EvilTester.com
- What is Software Testing And Why Do We Test Software? - EvilTester.com
- Massive Database Leak Gives Us a Window into China’s Digital Surveillance State | Electronic Frontier Foundation
- Learn about computer security with the Raspberry Pi and Kali Linux | Opensource.com
- Powershell – Windows firewall rules with ports – Luka Gros
- Defending Against Remote Desktop Protocol Attacks – The Back Room Tech
- Powershell and Lotus Notes pt3 – Luka Gros
- News about the broken MSComCTL.ocx updates on Office | Born's Tech and Windows World
- MSComCTL.ocx
- The Anatomy of an AWS Key Leak to a Public Code Repository | Technodrone
- A brief history of the admins time | rootpool
- Tech Refresh as Part of an Effective Vulnerability Management Program: Part Three - Delta Risk
- Opening a New Door of Opportunity | Thom Langford
- Axonius' 'Unsexy' Tool Wins RSAC Innovation Sandbox ...
- Axonius
- It's Time to Rethink Your Vendor Questionnaire
- Vulnerability Management at Tinkoff Fintech School | Alexander V. Leonov
- An all-in-one cyber toolkit for criminal investigations - Purdue University News
- Equifax defends against scathing Senate report
- Paravirtualization
- Spy Games: the NSA and GCHQ Offer Their Software to the Open Source Community | Linux Journal
- GitHub - eerotal/LibreSignage: An open source digital signage solution
- 13-Yr-Old Girl Arrested In Japan For Posting Infinite Loop Code
- Linux In Safety-Critical Systems Is Coming Soon With Project ELISA
- ELISA
- iGen and Cyber Security Research | Whitepaper | SANS Institute
- DIY Portable KVM Crashcart From Recycled Laptop Provides VGA Display and USB Keyboard Touchpad With Optional Raspberry Pi: 14 Steps
- As the web turns 30, is it an out-of-control monster? - Japan Today
- Assessing your disk performance and your needs: Analyzing collected data (Part 2) – Dynamics AX in the Field
- Assessing your disk performance and your needs: Collecting relevant data (Part 1) – Dynamics AX in the Field
- SignalsEverywhere Video: SDRAngel How to Receive Basics Tutorial
- The Essential Microsoft Excel Formulas and Functions Cheat Sheet
- The Problem With ERP - IT Jungle
- Who Invented the First Computer and When? We Investigate
- Changes to Garbage Collection in Java 12
- Java mon amour: Kubernetes cheat sheet 2
- Java mon amour: Kubernetes cheat sheet 3
- IDEAS IN FOOD: Fried Angel Hair Parm
- Here's Why IT Teams Spend Too Much Time on Network Troubleshooting | APMdigest - Application Performance Management
- Making A Hammer With Beautiful Engravings | Hackaday
- This Cardboard Box Can Tell You What It Sees | Hackaday
- U.S. GAO - DOD Training: U.S. Cyber Command and Services Should Take Actions to Maintain a Trained Cyber Mission Force
- Remembering Eisenhower’s Middle East Force Resolution - Lawfare
- DSHR's Blog: Demand Is Far From Insatiable
- Raspberry Pi based indoor air quality monitor « Dangerous Prototypes
- DIY NAS: 2019 Edition - briancmoses.com
- Pepperdata Releases Free Big Data Cloud Migration Cost Assessment | APMdigest - Application Performance Management
- Reinventing ITSM? It's Not Going Away - Part 2 | APMdigest - Application Performance Management
- Reinventing ITSM? It's Not Going Away - Part 1 | APMdigest - Application Performance Management
- Which Windows Server 2019 Installation Option should I choose? - Thomas Maurer
- Chris's Wiki :: blog/sysadmin/ScriptsPromptImprovements
- PowerShell Automation Script for IIS installation and more. | Nerd Drivel
- Spectre and VMWare – Stuff I'm Up To
- Oracle 19c Automatic Indexing — How well it’s understood?
- Get All DCs in the Entire Forest | Mohammed Wasay
- Stop audio pops on Intel HD Audio · major.io
- Downgrade HP TPM From TPM 2.0 to TPM 1.2 - Daniel Classon
- Generating Various Types of Group Policy Reports | KC's Blog
- Exploiting secondary data with NDAS from NetApp | Architecting IT
- Applocker and PowerShell: how do they tightly work together? | >_
- Degrading qemu performance in DooM – Virtually Fun
- Getting started with Pulumi on Azure - Cloud for the win!
- Pulumi
- My awesome-podcasts List | Technodrone
- Sysadmin Stories: Running Veeam PowerShell Scripts in Non-Interactive Mode - Credentials
- End of an era, Linux to Deprecate a.out support – Virtually Fun
- BlgNetAutoSol/2_Easy_Wins at master · writememe/BlgNetAutoSol · GitHub
- Iranian hackers stole terabytes of data from software giant Citrix
- Free Morningstar Premium Mutual Fund Reports via Public Library Card — My Money Blog
- Warren Buffett CNBC Interview 2019 Full Video, Full Transcript, and Notes — My Money Blog
- Personal Finance on a 3×5 Index Card: Classic and New Young Adult Version — My Money Blog
- Big Data Is Big Business: Here's How to Become a Data Analyst
- What is money for? An evening with Vicki Robin
- Faster and bigger SSDs enable us to talk about something else than IOps - FastStorage
- How To Create A Recovery Services Vault In Azure - Blog dbi services
- Easter Egg in the Server Config Doc and How to configure Domino to restrict which groups can receive Internet mail | The Notes Guy in Seattle
- Mark Zuckerberg outlines a 'privacy-focused' revamp of Facebook
- Capsule8 Expands Linux-Based Threat Detection Platform for PCI DSS
- How To Create Fillable PDF Forms With LibreOffice Writer - Linux Uprising Blog
- SAP builds its own Java distribution | InfoWorld
- NIST and DFARS and Cyber Compliance! (oh my) « Virginia PTAP at George Mason University
- DFARS & NIST & Incident Reporting - Exostar NIST 800-171 - Exostar Documentation
- Compliance with DFARS 252.204-7012 & NIST 800-171; Expect 2019 to be the year of audit and enforcement - CyberSheath
- DFARS_final.pdf
- a495389.pdf
- 1018805.pdf
- More Than 22,000 Vulns Were Disclosed in 2018, 27% ...
- 7 cheap or free cyber security training resources | CSO Online
- The cybersecurity legislation agenda: 5 areas to watch | CSO Online
- The CSO and CPO role just dramatically expanded overnight | CSO Online
- Bare-metal cloud servers vulnerable to Cloudborne flaw | CSO Online
- The RDP Through SSH Encyclopedia - Black Hills Information Security
- Ransomware attacks hit Florida ISP, Australian cardiology group | CSO Online
- Unified Interface: Internet Explorer 11 Browser Update Issue – Dynamics 365 Customer Engagement Team Blog
- 'Car Talk' Lives On In Medical Education, Teaching Med Students How To Diagnose : Shots - Health News : NPR
- 5 Strategies For Answering Kids' (Super) Tough Questions : NPR
- Java mon amour: Kubernetes cheat sheets
- Java mon amour: Excellent Kubernetes Developer Certification training on Udemy
- Java mon amour: CKA Certification (Kubernetes Administrator)
- How to Sharpen Your Interview Skills With These Soft Skills Questions
- How to Record and Stream Live TV With Raspberry Pi
- HOWTO: Microsoft Certification Exam Preparation Generator – Please Work
- Leigh Johnson’s Guide To Machine Vision On Raspberry Pi | Hackaday
- Stethoscopes, Electronics, and Artificial Intelligence | Hackaday
- Hack My House: Raspberry Pi as a Touchscreen Thermostat | Hackaday
- 5 tips to help CIOs overcome patching problems
- DSHR's Blog: Economic Models Of Long-Term Storage
- Weather Station Project Overview
- Gartner: CIOs Will Be as Responsible for Culture Change as Chief HR Officers | APMdigest - Application Performance Management
- BitSight: Security Ratings Leader - Cyber Risk Management
- Home endpoints twice as likely to be infected as businesses
- The Surprising Secret to Improving Employee Engagement | Beth's Blog
- Ten things you need to know about Pass-through Authentication - The things that are better left unspoken
- Thoughts on VPNs for Road Warriors - Scott's Weblog - The weblog of an IT pro focusing on cloud computing, Kubernetes, Linux, containers, and networking
- The Strategy Private School Endowments Love the Most | Institutional Investor
- VulnReport Install ·
- First look on the new Azure Sentinel cloud-native with Azure Notebooks free service #Jupyter #SIEM #SIEMaaS #Azure #Sentinel | Robert Smit MVP Blog
- Learning about containers | Nelson's log
- Why I write my resume in LaTeX | Logan Marchione
- Security Thoughts: Veeam Backup & Replication leaks Azure Password in log - The things that are better left unspoken
- Saving regret — and how to avoid it
- The Trouble with Troubleshooting | APMdigest - Application Performance Management
- Chris's Wiki :: blog/sysadmin/PrometheusSubqueriesMathOverTime
- Diving into Merkle Trees
- PureBoot, the High Security Boot Process – Purism
- Strategies for securing container deployments | ITProPortal
- 5 Useful Tips for Better Tmux Terminal Sessions
- Reducing security risks with centralized logging | Opensource.com
- Full API lifecycle management: A primer - Red Hat Developer Blog
- An LA hospital will put Alexa in over 100 patients' rooms
- France’s New Offensive Cyber Doctrine - Lawfare
- Introduction to spatial joins with QGIS | Opensource.com
- Twenty years of U.S. government inflation data
- Berkshire Hathaway 2018 Annual Letter by Warren Buffett — My Money Blog
- Who Shoulders the Burden of Federal Income Taxes?
- You MUST patch 12.1.0.1 and 11.2.0.3 and older before June 2019
- The Cloud Migration Journey Series – Ather Beg’s Useful Thoughts
- SignalsEverywhere Podcast EP1: Es’hail-2, Favorite RTL-SDR Blog Posts and What SDR Should I Get?
- A Sense of Urgency: Money Can’t Buy You More Time — My Money Blog
- Internet gatekeeper warns of 'ongoing and significant' DNS attacks
- Hacking Amazon dash buttons, the hard way, with OpenWRT – Huan Truong's Pensieve
- OSSEC Installation Guide for Ubuntu - < 10 min to Raise the Defences
- Wireshark Tutorial and Tactical Cheat Sheet | HackerTarget.com
- Tcpdump Examples - 22 Tactical Commands | HackerTarget.com
- 22 SSH Examples, Practical Tips & Tunnels | HackerTarget.com
- Ubuntu, DNS, and sudo | Nelson's log
- Adding Cover Art to FLAC file from Command Line and GUI - Life of a Geek Admin
- How To Mount and Unmount ISO files using PowerShell - Life of a Geek Admin
- Nessus, OpenVAS and Nexpose VS Metasploitable
- eurobsdcon_silbersack.pdf
- Michael James Silbersack
- 800 Free eBooks for iPad, Kindle & Other Devices | Open Culture
- pki - CAC enable JBoss - Stack Overflow
- External and Federal PKI Interoperability
- TCP timestamps - ForensicsWiki
- Mitigating End of Life Technology by Bill Keyworth: BSMReview.com
- Useful WMIC Queries Computer Info | g.fisk
- Remote Desktop – Black Screen Of Death | g.fisk
- Network performance with VMXNET3 on Windows Server 2016 - Life of a Geek Admin
- Disable TCP and ICMP Timestamps - Whonix
- Patch Tuesday, February 2019 Edition — Krebs on Security
- Replacing default certificates with CA signed SSL certificates in vSphere 6.x (2111219)
- Configuring CA signed certificates for ESXi 6.0 hosts (2113926)
- Replacing ESXi SSL Certificates and Keys
- Sleeping at Night: Cybersecurity, Patient Safety and the Radiology Department
- Building A Cybersecurity Team in Radiology | Imaging Technology News
- Cybersecurity for Medical Imaging Departments – LINK
- Cybersecurity Increasingly Critical for Medical Imaging
- How to Choose Between Penetration Tests and Vulnerability Scans | EdTech Magazine
- Welcome to MWR Labs - Cyber security research and development
- CISSP Exam Changes: Tips and tricks to pass the new CAT format - YouTube
- (172) MF Prod - YouTube
- (172) Free CISSP Study Questions of the Day from IT Dojo - YouTube
- (172) Larry Greenblatt - CISSP 2018 Exam Tips - YouTube
- DoD Approved 8570 Baseline Certifications
- Major Security Breach Found in Hospital and Supermarket Refrigeration Systems
- ONTAP 9 Antivirus Configuration Guide - ECMLP2492609
- What is EMC's CAVA / Common Event Enabler? - THE SAN GUY
- Anti-virus on VNX CIFS Servers » Cyberfella Ltd
- Programming Books You Wish You Read Earlier
- 2019 Update on frameworks, standards, and regulations for infosec - Security Boulevard
- Top 30 Information Assurance Analyst Interview Questions and Answers for 2019
- Brain-hacking: Why Social Engineering is so effective - Security Boulevard
- CIPHER Selected as Top 10 Best Performing MSSP
- When it Comes to NIST 800-171 Compliance – There’s ‘On Time’ and There’s ‘Lombardi Time’ - Security Boulevard
- Cyberattacks in a Global Supply Chain: How Compliance Officers Can Mitigate Risk - Security Boulevard
- The Complete Application Security Checklist | Synopsys
- The Route of a Text Message, a Love Story - Motherboard
- DFARS Cybersecurity Audits: What to Expect
- Lessons learned from the Microsoft SOC—Part 1: Organization - Microsoft Secure
- Toyota Australia driven offline by cyber attack, as heart hospital hit by ransomware
- HoneyPy - A Low To Medium Interaction Honeypot - KitPloit - PenTest & Hacking Tools for your CyberSecurity Kit ☣
- OSFClone - Open Source Utility To Create And Clone Forensic Disk Images - KitPloit - PenTest & Hacking Tools for your CyberSecurity Kit ☣
- These Are the Countries With the Best and Worst CybersecuritySecurity Affairs
- Best practices for handling gaps in cloud security - TechRepublic
- Remember, data privacy is always the end goal of any security measure; don't lose sight of this fact: Protecting information is the top priority.
- Free Tool: Honey FeedSecurity Affairs
- ATT&CKized Splunk - Threat Hunting with MITRE’s ATT&CK using SplunkSecurity Affairs
- Windows® Domain Controller and Zero Trust Security | JumpCloud
- Benefits of OpenLDAP™ | JumpCloud
- How to Turn a Raspberry Pi Into a VPN-Secured Travel Router
- The Rise of Ransomware and the Consequences for SMBs
- 11 Takeaways: Targeted Ryuk Attacks Pummel Businesses
- Healthcare Exchange Standards: Segmenting Sensitive Health Topics
- Japan Security Analyst Conference 2019 -Part 2- - JPCERT/CC Eyes | JPCERT Coordination Center official Blog
- Iptables Essentials - Common Firewall Rules And Commands - KitPloit - PenTest & Hacking Tools for your CyberSecurity Kit ☣
- Powershell – My Setup at Work as a SysAdmin
- SEAL Training | Diary of a Network Geek
- Hacking Healthcare Live: Bits and Bytes Meet Flesh and Blood ~ Cyber Thoughts
- Ryuk Ransomware, Exploring the Technical and Human Connections
- Six tips for securing identity in the cloud – Microsoft Azure Government
- The cybersecurity legislation agenda: 5 areas to watch | CSO Online
- 7 cheap or free cyber security training resources | CSO Online
- DIY X-Ray Machine Becomes CT Scanner | Hackaday
- The Woeful World of Worldwide E-Waste | Hackaday
- Exploration of Cooking
- Bullet Journaling for Nonprofit Professionals | Beth's Blog
- Industrial Security | Tenable®
- Dtex Systems - User Behavior Intelligence
- DeployHappiness | A Universal Naming Scheme for Your Devices
- 83 percent of US organizations have accidentally exposed sensitive data
- The five most common technologies that have led to accidental data breaches by employees are external email services like Gmail and Yahoo (51 percent), corporate email (46 percent), file sharing services like FTP sites (40 percent), collaboration tools such as Slack and Dropbox (38 percent), and SMS/Messaging Apps like G-Chat and WhatsApp (35 percent).
- Wandera | Mobile Security
- Jaffar's (Mr RAC) Oracle blog: What's new in 19c - Part III (Data Guard)
- Japan scholar and translator Donald Keene dies at 96 - Japan Today
- Comprehensive Guide on Snort (Part 1)
- I'm resigning from SANS - Black Hills Information Security
- Spectre is here to stay An analysis of side-channels and speculative execution
- Data lakes, observability, and making devs awesome - SysAdmin1138 Expounds
- SEC575_iOS12_AndroidPie_Handout.pdf
- How to make Email Bot service in Python | Alexander V. Leonov
- The Average Cost of Fighting a Cyberattack Now Exceeds $1.1M | DEVOPSdigest
- $1.1M
- Automating snapshots with pyznap on Centos 7 | SvennD
- Bureaucracy survival skills – Blog FiascoBlog Fiasco
- What happened with Citrix Printing throughout 2018?!
- smbclient receiving error message: protocol negotiation failed: NT_STATUS_CONNECTION_DISCONNECTED | setaOffice
- Vulnerababe UNACEV2.DLL puts software like WinRAR at risk | Born's Tech and Windows World
- 7-Zip Version 19.00 released | Born's Tech and Windows World
- End of General Support for vSphere 6.0 - Davoud Teimouri
- 30! TIPS on how to use Amazon Web Services (AWS) more efficiently – multiple cost savers included
- Version 2.0 of the Cloud Services Cheat Sheet is now live. Get it here!
- New Community (book) project – Byte sized Cloud design principles and architectural recommendations
- 'Yame-hara' - pressuring resigning workers not to quit - Japan Today
- Yame-hara
- Oracle Multimedia will be removed in Oracle Database 19c
- Oracle 18c Express Edition (XE) for Windows is available
- Jaffar's (Mr RAC) Oracle blog: What's new in 19c - Part II (Automatic Storage Management - ASM)
- Jaffar's (Mr RAC) Oracle blog: Whats new in 19c - Part I (Grid Infrastructure)
- DigitalOcean launches its managed database service | TechCrunch
- Re-Imagining Virtualization with Kubernetes and KubeVirt - Part II – Red Hat OpenShift Blog
- Monte Carlo Simulation with Python - Practical Business Python
- How to Automate FFmpeg and Bento4 With Bash Scripts
- CPDP2019 Computers, Privacy and Data Protection conference
- 7 Key Considerations for Kubernetes in Production - The New Stack
- Script to create mount points in LVM - Kernel Talks
- How to Create Bootable Ubuntu 18.04 USB Stick on Linux | Linuxize
- Implementing Dstat with Performance Co-Pilot
- Open Science, Open Source and R | Linux Journal
- vCenter 6.5 HA Installation and Configuration - vembu
- Configuring vCenter HA - Part 1 - vembu
- How To Migrate Shares and Files with ease by using Microsoft Storage Migration Service - Part 2 | ESX Virtualization
- NVMe-oF Support is now Released! | Cody Hosterman
- NVMe-oF
- Upgrading a Basic vCenter 6.5 HA Cluster to vCenter HA 6.7 U1 – The Wifi-Cable
- Tips for writing Vester test files, part 2 | Adventures in a Virtual World
- This vegetable curry has bold flavors to keep everyone happy - Japan Today
- Basics – The FARR Model | Data Protection: Avamar, NetWorker, Data Domain, RecoverPoint, CSM
- Fault tolerance: This is your baseline protection against individual storage component failure. If a disk (or flash) drive fails, you don’t want to lose your data. While we take fault tolerance for granted as something we can control and see alerts for within an on-premises environment, there’s less visibility and control in public cloud. More so, fault tolerance doesn’t give you protection from anything other than storage unit failure.
Availability: “If a tree falls in the forest and no-one hears it, does it really make a noise?” That’s the old philosophical question that availability skirts around: if your data is online and error free, but you can’t access it, is it actually usable? Availability is about making sure you have protection against losing connectivity to the data/workload. For example: if your workload is one presented only back into the business, and the link between the business and the VPC in which it is running is lost, how do you get access to it again? Do you plan for multiple paths for availability, or do you accept a single point of failure on data/workload availability?
Redundancy: You’re hosting your service in AWS Sydney, and there’s a fire in the datacentre – what’s your failover strategy? You’ve built a whiz-bang application for your customers that relies on a back-end RDS database, and the region hosting that database starts experiencing RDS services going down. How (and to where) do you failover your database service to allow customers to keep doing what they need to do?
Recoverability: Ransomware gets into your VPC and encrypts all the data there. A developer accidentally issues a delete statement on the customer contact table within the production rather than development RDS environment. The CEO accidentally deletes critical O365 email folders. The block storage your service runs on suffers an outage and the cloud provider’s fault tolerance level was insufficient to prevent data corruption. Fault tolerance, availability and redundancy are all about avoiding as much as possible a data loss situation, but recoverability is how you handle the situation when the chips are down. Do you trust to cloud native protection, or use a mix of both? (Increasingly, mix of both is the safest, cheapest and most flexible way to go.)
- Easy 1-hour Pro Mini Classroom Datalogger [Build Update: Feb 2019] | Underwater Arduino Data Loggers
- Replacing the default (self signed) certificate on a RD Session Host server - Adrian Costea's blog
- Automating MDT Windows 10 Image Captures with Packer - WinSysBlog
- Replacing Self Signed Remote Desktop Services Certificate on Windows | Knowledge eXchange
- How to Modify Default Share Permissions and Other Tweaks • Helge Klein
- A little something about Share vs NTFS permissions
- Python, Your Friendly OSINT Helper – We are OSINTCurio.us
- Tracking All the WiFi Things – We are OSINTCurio.us
- Five Things You Can Do To Stay OSINT Curious – We are OSINTCurio.us
- Using OSINT for your personal threat model – We are OSINTCurio.us
- How to Enable Monitor Mode & Packet Injection on the Raspberry Pi « Null Byte :: WonderHowTo
- Tactical Nmap for Beginner Network Reconnaissance « Null Byte :: WonderHowTo
- Analyzing the Hacks: The Girl in the Spider's Web Explained « Null Byte :: WonderHowTo
- SSD, LVM and you: Zero data loss, LVM caching, and properly configuring your Linux box to get the most out of SSD! | The Doom'd Net
- SHA-2 patch for Windows 7 arrives on March 2019 | Born's Tech and Windows World
- How to Brute-Force Nearly Any Website Login with Hatch « Null Byte :: WonderHowTo
- How to Detect Vulnerabilities in a Web Application with Uniscan « Null Byte :: WonderHowTo
- Hubbard on Networking: AutoSSH on Odriod XU4 running Kali Linux 2
- Odriod XU4
- Hubbard on Networking: Create an HP iLo account when you don't know the Admin Password
- Hubbard on Networking: A Simple Python 3 Script for my Favorite nmap Scripts
- Hubbard on Networking: Useful Linux commands for troubleshooting WiFi
- Hubbard on Networking: Using iPerf3 to Test 2.5Gb/5Gb and 10Gb Links
- Hubbard on Networking: Update to testing 10Gb links with iPerf3
- Hubbard on Networking: Learning Python 3
- Hubbard on Networking: The tools on my Ubuntu 18.04 laptop
- Oracle Database Appliance (ODA) Installation, Configuration and Deployment Steps – Talip Hakan Ozturk's ORACLE BLOG
- Web and Podcast – We are OSINTCurio.us
- opatch lsinventory – Talip Hakan Ozturk's ORACLE BLOG
- Top 10 Things to Do After Installing Kali Linux « Null Byte :: WonderHowTo
- What’s new in ESXi 6.5 Storage Part I: UNMAP | Cody Hosterman
- Hubbard on Networking: Enabling TLS 1.1/1.2 for RDP in Microsoft Server 2008R2/Windows 7 SP1
- Setting the Standard for CVE - Lawfare
- Cimpanu: The US Govt Accountability Office recommends the US adopt GDPR-like privacy legislation @ AskWoody
- AWS Nitro System – Perspectives
- Data Breaches: What Do the Numbers Mean?
- Windows Firewall Post Exploitation with Netsh
- Upgrading / Migrating from vSphere 5.x to 6.x (6.5 , 6.7) best practices & Approach – Siva Sankar Blogs
- The Rise of the Corporate Technology Ecosystem (CTE) | Daniel Miessler
- DLA_Briefing_Template_as_of_10252017 - C151_CyberSecurity.pdf
- Brian Pippert
- SSL/TLS: How to choose your cipher suite - AMIS Oracle and Java Blog
- https://www.ryanfrantz.com/posts/when-does-an-investigation-end.html
- https://www.ryanfrantz.com/posts/architecture-reviews.html
- How to read fiction to build a startup | TechCrunch
- How to build a WiFi picture frame with a Raspberry Pi | Opensource.com
- DCOMrade - Powershell Script For Enumerating Vulnerable DCOM Applications - KitPloit - PenTest & Hacking Tools for your CyberSecurity Kit ☣
- DCOMrade
- Lacking Medical Device Security Puts Everyone at Risk - Security Boulevard
- Introducing Zombie POODLE and GOLDENDOODLE
- Do You Have Security Champions in Your Company? A 6-Step Checklist for a Successful Program
- What is Security+ (Plus)? | TechRoots
- Federal PKI Security Challenges: Extending IDaaS with Certificate as a Service - Security Boulevard
- Beyond Tor: Examining the Uncharted Corners of the Dark Web - Security Boulevard
- The Costs of Cyberattacks Are Real | Radware Blog
- SSL/TLS Attacks, Part 3: Who’s at Risk from Compromised Digital Certificates? - Security Boulevard
- Zero Day Initiative — The February 2019 Security Update Review
- Windows Incident Response: Review: Tribe of Hackers
- Germany makes its cyber capabilities available for NATO allianceSecurity Affairs
- What, No Expense Account? My RSA 2019 Itinerary | Thom Langford
- Getting started with Linux Containers on Windows Server 2019 - Ben Thomas' Blog
- Update now! Microsoft and Adobe’s February 2019 Patch Tuesday is here – Naked Security
- Network Segmentation in the Zero Trust Era | Security Architects Partners
- Cyberinsurance and Acts of War - Schneier on Security
- The Complicated Economy of Open Source Software
- Step 5. Set up mobile device management: top 10 actions to secure your environment - Microsoft Secure
- Kaboom - Automatic Pentest - KitPloit - PenTest & Hacking Tools for your CyberSecurity Kit ☣
- Inside a GandCrab targeted ransomware attack on a hospital – Naked Security
- A comprehensive survey on graph neural networks | the morning paper
- Poka Yoke in Manufacturing - The Automation Blog
- Notes from OWASP Helsinki chapter meeting 36 – Rule of Tech
- The 5 Most Important Typography Terms, Explained
- .NET Framework February 2019 Security and Quality Rollup | .NET Blog
- HIMSS19: The Cybersecurity Obstacles, Opportunities Ahead
- Web Scraping Boilerplate: Everything You Need to Start Your New Python Scraping Project (Batteries Included)
- NIST Risk Management Framework Webcast: A Flexible Methodology to Manage Information Security and Privacy Risk | NIST
- How to improve your cyber resilience - IT Governance Blog
- Tech Refresh as Part of an Effective Vulnerability Management Program: Part Two - Delta Risk
- What CEOs Need to Know About the Future of Cybersecurity
- Toyota Prepping 'PASTA' for its GitHub Debut
- PASTA (Portable Automotive Security Testbed with Adaptability)
- Lessons Learned from a Hard-Hitting Security Review
- Jaspreet Singh
- Securing Clients SAP S4HANA Netweaver ABAP | Onapsis
- Getting PowerShell Empire Past Windows Defender - Black Hills Information Security
- Microsoft updates its schedule for SHA-2 ‘critical’ Win7 update, now due in March @ AskWoody
- ESXi: Slow Disk Performance on HPE Gen8 | Windows OS Hub
- AMP RJ-45 vs WE/SS (Regular) RJ-45 Plugs | Matt's Tech Pages
- Blockchain and Trust - Schneier on Security
- How To Migrate Shares and Files with ease by using Microsoft Storage Migration Service | ESX Virtualization
- Top 10 Critical Skills Every vSphere System Administrator Should Know
- ipmitool | panticz.de
- Load Testing Web Servers with Siege Benchmarking Tool
- Three stages of risk-based vulnerability management: Crawl, Walk, Run
- OpenJDK projects you should know about - Panama
- The Final Version of the EU's Copyright Directive Is the Worst One Yet | Electronic Frontier Foundation
- Programming Management & Leadership Books | b3n.org
- APM in a Digital World - Part 3 | APMdigest - Application Performance Management
- Microsoft Patchday: Other Updates February 12, 2019 | Born's Tech and Windows World
- APM in a Digital World - Part 2 | APMdigest - Application Performance Management
- APM in a Digital World - Part 1 | APMdigest - Application Performance Management
- 19c – Laurent Schneider
- Jaffar's (Mr RAC) Oracle blog: Oracle 19c and my favorite list
- Installing and running Oracle Database 19.2.0.0 on Oracle Linux 7 - DBA - Rodrigo Jorge - Oracle Tips and Guides
- It's now 2019, and your Windows DHCP server can be pwned by a packet, IE and Edge by a webpage, and so on • The Register
- Performance Tuning Dojo » ADMIN Magazine
- Cybersecurity Documentation: The Best Defense Is a Good Offense
- The Business of Organised Cybercrime - Security Boulevard
- Save and Invest | Investor.gov
- Five Convergence Solutions to Help Manufacturing Cross the IT-OT Security Schism
- Owning Your Legal Practice's Cybersecurity – MSPs and You
- Enhancing cyber threat protection in Microsoft Office 365 - Security Boulevard
- Why True End-To-End Encryption is Important for Distributed Apps - Security Boulevard
- 2019's Hottest, and Most Bankable, Security Certs - Security Boulevard %
- Five Major Cloud Security Roadblocks and Their Impact on the Enterprise - Security Boulevard
- Introduction to WiFi Security - Security Boulevard
- Quickly Gauge Your Serverless Security Readiness With This Short Quiz
- The Cyber-Risk Paradox: Benefits of New Technologies Bring Hidden Security Risks - Security Boulevard
- Microsoft Patch Tuesday updates for February 2019 fixes IE Zero-DaySecurity Affairs
- Cloud, On-Premises, or Hybrid – What Is the Best HSM Solution for You? - Security Boulevard
- “It is everyone’s business and responsibility” – 40+ Cybersecurity Professionals Share What They Wish Business Leaders Would Understand in Their Own Words - Security Boulevard
- Kubernetes Security Best Practices: From Hosting to Deployment
- Health Data Security: The Most Promising Technologies
- Ron Mehring
- Assessing IoT Risks in Healthcare Environments
- Julia Hesse
- Solving the TLS 1.0 Problem - Security documentation | Microsoft Docs
- Devastating Cyberattack on Email Provider Destroys ...
- Microsoft rolls out healthcare-focused chat features and AI assistants | FierceBiotech
- HIPAA Enforcement Update: Areas of Focus - HealthcareInfoSecurity
- Medical Device Cyber Risk: An Enterprise Problem
- CynergisTek
- Japan Security Analyst Conference 2019 -Part 1- - JPCERT/CC Eyes | JPCERT Coordination Center official Blog
- HIMSS19 ~ Cyber Thoughts
- Who’s Responsible for Your Cyber-Security?
- How to Keep Your Kids Safe on the Internet (10 Actionable Tips)
- No left boundary for Vulnerability Detection | Alexander V. Leonov
- Use Group Policy To Manage Settings for Store Apps | Alexander's Blog
- Unexpected Microphone and Camera Behavior in Windows 10 Settings | Alexander's Blog
- Enterprise IT Moving More Workloads to Cloud in 2019 | APMdigest - Application Performance Management
- Copying Large Files over an Unreliable Network Using BITS and PowerShell | Windows OS Hub
- Integrating Windows Updates into Windows 10 Install Image | Windows OS Hub
- Work Optional by Tanja Hester: An honest review
- Using Azure Site Recovery for Migrations (Part 2) | PeteNetLive
- Using Azure Site Recovery for Migrations | PeteNetLive
- Remove unknown VM image from ESXi |
- Chris's Wiki :: blog/unix/GrepDevNull
- Microsoft analysis: 0-day vulnerabilities the biggest risk | Born's Tech and Windows World
- Patchday: Updates for Windows 7/8.1/Server Feb. 12, 2019 | Born's Tech and Windows World
- 500px reveals 2018 breach that exposed user data
- What's the right amount of swap space for a modern Linux system? | Opensource.com
- Hacking an Oracle Database and How to Prevent It | Integrigy
- oss-sec: CVE-2019-5736: runc container breakout (all versions)
- SS7 Cellular Network Flaw Nobody Wants To Fix Now Being Exploited To Drain Bank Accounts | Techdirt
- Gain Valuable Kubernetes Skills and Certification with Linux Foundation Training | Linux.com | The source for Linux information
- Protecting the Logical Security of a Network Environment - InCyberDefense
- Multiple Factors Are Driving Growth at the CNCF
- One in six American adults now wear a computer on their wrist
- Terence Luk: Using InstallSoftwareRemotely.ps1 to upgrade VMware Horizon View Agent
- InstallSoftwareRemotely.ps1
- Document: Executive Order on Artificial Intelligence - Lawfare
- GDPR: Do your backups spark joy? | Data Protection: Avamar, NetWorker, Data Domain, RecoverPoint, CSM
- Veterans can access their medical info through Apple's Health Records
- Linked - New Research Reveals 6 Ways Leaders May Be Out of Touch With Their Employees
- Lawyers and Cybersecurity in 2019: Trends and Tips - MyCase Blog
- What Is Web Scraping? How to Collect Data From Websites
- Service Fabric Customer Architecture: ZEISS Group – AzureCAT Guidance
- SQL Mysteries: SQL Server Login Timeouts – A Debugging Story – SQL Server According to Bob
- Five lessons we learnt about GDPR in 2018 - Security Boulevard
- A Cybersecurity and Cloud Innovator – and a Great Partner - Security Boulevard
- 15 Hacker Types – The Good, the Bad and the Ugly
- Ransomware Evolution: GandCrab v5.1 New Exploit Kit Distribution and TOR Site Features - Security Boulevard
- Ohio Senate Bill 220 Incentivizes Businesses to Maintain Higher Levels of Cybersecurity - Security Boulevard
- The Perfect Sales Kickoff - Security Boulevard
- How Panorays is Different Than Other Third-Party Risk Management Solutions - Security Boulevard
- Panorays
- The 3 Pillars of the Modern-Day SOC - Security Boulevard
- Customers Blame Companies not Hackers for Data Breaches - Security Boulevard
- Immunizing Your Healthcare Technology Against Cybersecurity Threats - Security Boulevard
- Simplifying Cybersecurity Deployments with Automation - Security Boulevard
- B 00 Doesnt It make You WannaCry Mitigating Ransomware on a Windows Network David Branscome - YouTube
- The Cybersecurity Skills Gap: The Defining Skills Shortage of Our Age - Security Boulevard
- Cloud security infographic: The Facts | Intercity Technology
- How to Monitor File Changes across Windows Servers - Security Boulevard
- Quick Hit: Speeding Up a Slow/Mundane Task with a Little Rcpp | rud.is
- EdGuards - Security for Education
- SSL Attacks, Part 2: Where Can Cybercriminals Access Digital Certificates? | Venafi
- SSL Attacks, Part 1: Why Do Cybercriminals Abuse Digital Certificates? | Venafi
- A Revolutionary Approach to HIPAA Compliance - Security Boulevard
- HIMSS 2019 – Champions of Security Unite – Professionally Evil Insights
- iOS 12.1.4 Patches Three Major Flaws | Avast - Security Boulevard
- Whiskey | Daniel Miessler
- To Understand IoT Security: Look to the Clouds - Security Boulevard
- nDPI - Open Source Deep Packet Inspection Software Toolkit - KitPloit - PenTest & Hacking Tools for your CyberSecurity Kit ☣
- Microsoft will make Office Pro Plus GDPR compliant | Born's Tech and Windows World
- 'Grandmother Hypothesis' May Help Explain Why Women Live Past Menopause : Goats and Soda : NPR
- SQL Server Worker Thread Default Calculation – SQL Server According to Bob
- 7 Critical Job Application Mistakes to Avoid (Especially for New Graduates)
- The Best Portable Apps That Require No Installation
- Demystifying Stripe Width in vSAN — ThinkCharles.net
- Tips for writing Vester test files, part 1 | Adventures in a Virtual World
- OpenJDK projects you should know about: Valhalla
- SpeakUp Linux Backdoor targets Linux servers in East Asia and LATAM.Security Affairs
- Reverse RDP Attack - Rogue RDP Server can be used to hack RDP clientsSecurity Affairs
- Data breaches, GDPR lead 54% of companies to increase IT security spending - TechRepublic
- Business continuity in ISMS? - Security Art Work
- InfoSec Handlers Diary Blog - Struts Vulnerability CVE-2017-5638 on VMware vCenter - the Gift that Keeps on Giving
- InfoSec Handlers Diary Blog - UAC is not all that bad really
- Spy Versus Spy: How a Researcher And a Journalist Unmasked an Undercover Agent - Motherboard
- Michael on Security: March Updates on Frameworks & Standards
- Ransomware Victims Who Pay Cough Up $6,733 (on Average)
- Health Data Breach Tally: What’s New? - HealthcareInfoSecurity
- Susan Lucci
- Settlement Reached in Community Health Systems Breach Suit
- HIMSS19: Cybersecurity in the Spotlight - HealthcareInfoSecurity
- EHR Vendor Greenway Gets Hefty Fine for False Claims
- Bolstering the Cybersecurity of Medical Devices
- Chaitanya Srinivasamurthy
- Cottage Health Hit With $3 Million HIPAA Settlement
- Securities Fraud Claims Get Boost From EU Data Privacy Rules
- Let’s talk about IoT device security | NIST
- Wyoming Seeks to Repeal Hospital Privacy Regulation for HIPAA Clarity
- Fnord - Pattern Extractor For Obfuscated Code - KitPloit - PenTest & Hacking Tools for your CyberSecurity Kit ☣
- Bincat - Binary Code Static Analyser, With IDA Integration - KitPloit - PenTest & Hacking Tools for your CyberSecurity Kit ☣
- Small and Medium Business Security Strategies: Part 5 - Black Hills Information Security
- Small and Medium Business Security Strategies: Part 4 - Black Hills Information Security
- Small and Medium Business Security Strategies: Part 3 - Black Hills Information Security
- Small and Medium Business Security Strategies: Part 2 - Black Hills Information Security
- Small and Medium Business Security Strategies: Part 1 - Black Hills Information Security
- Investigate Suspicious Account Behaviour Using SysmonSearch - JPCERT/CC Eyes | JPCERT Coordination Center official Blog
- Introducing WMIOps - Christopher Truncer's Website
- Make the Time to Fix Your Time Debt | Hackaday
- DSHR's Blog: Cloud For Preservation
- [career] Navigating Your Career | Don Jones®
- Digital Transformation Efforts Hindered by Lack of Collaboration Between IT and Business | APMdigest - Application Performance Management
- Essential System Tools: f3 - detect and fix counterfeit flash storage - LinuxLinks
- Docker - Basics just for me | itsec.siers.ch
- Reusing DHCP config in ISC dhcpd | Lesser-Evil
- Kubernetes - Namespaces - The IT Hollow
- Firing people is always a last resort. | The IT Skeptic
- AD Controls [SHIFT]
- Upgrade a Standalone ESXi Host to ESXi 6.7
- Taking the Azure Data Box Gateway (preview) out for a spin! – Karim Vaes
- 30 Things to Get You Started - Black Hills Information Security
- EyeWitness and Why It Rocks - Black Hills Information Security
- DFIRTrack - The Incident Response Tracking Application - KitPloit - PenTest & Hacking Tools for your CyberSecurity Kit ☣
- GitHub - FortyNorthSecurity/EyeWitness: EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.
- Goscan - Interactive Network Scanner - KitPloit - PenTest & Hacking Tools for your CyberSecurity Kit ☣
- RedELK - Easy Deployable Tool For Red Teams Used For Tracking And Alarming About Blue Team Activities As Well As Better Usability In Long Term Operations - KitPloit - PenTest & Hacking Tools for your CyberSecurity Kit ☣
- CANalyzat0r - Security Analysis Toolkit For Proprietary Car Protocols - KitPloit - PenTest & Hacking Tools for your CyberSecurity Kit ☣
- Volatility Workbench - A GUI For Volatility Memory Forensics - KitPloit - PenTest & Hacking Tools for your CyberSecurity Kit ☣
- Everything you need to know about DPOs under the GDPR - IT Governance Blog
- Bypass Application Whitelisting using Weak Path Rule
- The IT Governance Cyber Resilience Framework: how it works - IT Governance Blog
- Transform your security posture with cyber resilience - IT Governance Blog
- Google Online Security Blog: Open sourcing ClusterFuzz
- New Zombie 'POODLE' Attack Bred From TLS Flaw
- Mitigation upgrade to TLS v1.3
- Australian Parliament Reports Cyberattack on Its Computer Network - The New York Times
- Ransomware Attack Via MSP Locks Customers Out of ...
- Cyber risk management: The disconnect between business, security teams | CSO Online
- David A. Wheeler's Blog
- Certifications Are About Support | The Networking Nerd
- Cisco - Linux - Python: MainPage
- Design for security [LWN.net]
- Dstat - A Resourceful Tool to Monitor Linux Server Performance in Real-Time
- Ansible and FreeIPA Part 2 | Adam Young’s Web Log
- Ansible and FreeIPA Part-1 | Adam Young’s Web Log
- Containers: The Basics - Linux Academy Blog
- ZFS Boot Environments Are Helping To Improve The Resilience Of FreeBSD Upgrades - Phoronix
- Remote Desktop Protocol Riddled With 16 Major Vulnerabilities
- Microsoft and Open Source RDP Clients Are Vulnerable to System Takeover Attacks - WinBuzzer
- Top Hex Editors for Linux
- Disk Encryption for Low-End Hardware | Linux Journal
- A Moment of Truth for Cyber Insurance - Lawfare
- The Funniest Incident Postmortem | Gluster
- A review of all the calendar options in SharePoint and Office 365 - SharePoint Maven
- Successful Founders Share Their Advice for Starting Your Own Business
- Asylo
- 7 Tips For Communicating With the Board
- Report: Over 59,000 GDPR data breach notifications, but only 91 fines | CSO Online
- Open Source LIDAR Lets You Get Down To The Nitty Gritty | Hackaday
- NetLogo for scientific research: Modeling | Opensource.com
- Ubiquiti Discovery Service Exposures Allowing DoS Attacks Explained
- Enterprises Move (Slowly) Toward Stronger Cybersecurity, Research Shows
- Your Money or Your Life - An Interview with Author Vicki Robin | Mad Fientist
- Multiple Ways to Exploiting Windows PC using PowerShell Empire
- New Vulnerabilities Make RDP Risks Far From Remote
- Over 59K Data Breaches Reported in EU Under GDPR
- How to Access the Dark Web Safely and Anonymously
- Information Security | Daniel Miessler
- Ransomware Evolution: GandCrab v5.1 New Exploit Kit Distribution and TOR Site Features
- GandCrab v5.1
- How ADP identifies and reduces third-party risk | CSO Online
- Hard days at work - SysAdmin1138 Expounds
- Julia Reda – Article 13 is back on – and it got worse, not better
- Self-charging pacemakers are powered by patients' heartbeats
- ‘Achieving and Maintaining Cyberspace Superiority’: A Cyber Command and Interagency Legal Conference - Lawfare
- Password Reuse Remains a Barrier to Safer Internet Use, Google Reports
- 5 reasons why you need to embrace Microsoft Flow - SharePoint Maven
- Costs for Windows 7 Extended Security Updates till 2023 | Born's Tech and Windows World
- Windows 10: Microcode Updates February 2019 | Born's Tech and Windows World
- Planning for the future isn't what it used to be | Opensource.com
- UNIX: Building The Most Important OS in the World
- The Mayo Clinic created an online tool for predicting kidney stones
- Developing an Objective, Repeatable Scoring System for a Vulnerability Equities Process - Lawfare
- Big-O Notation Explained | Daniel Miessler
- Michael on Security: Security Maturity Models (Part 1 of 2)
- Avoid these Common Security Misconfigurations - Security Boulevard
- Building a Disk Tower, for all pain and no profit
- BestDuplicator
- Let's Play with Routing - Part 1
- A New Switch for a New Day
- Fwknop - Single Packet Authorization & Port Knocking - KitPloit - PenTest & Hacking Tools for your CyberSecurity Kit ☣
- The Mega-Guide to Trends in 2019 – J.D. Meier's Blog
- Parsing Text with PowerShell (3/3) | PowerShell Team Blog
- oVirt: Open Source Virtualization for the datacenter – Marksei
- What Is a VPN Connection and How Does It Work?
- Now That’s What I Call Crypto: 10 Years of The Best of Bitcoin | Hackaday
- Organize tool box drawers cheap - The Silicon Underground
- How bad is MS08-067? - The Silicon Underground
- MS08-067
- Linux Fu: Easier File Watching | Hackaday
- Hack Your File Hierarchy with Johnny Decimal System (Dewey’s Older Brother) | Hackaday
- The elements of cybersecurity hygiene and secure networks - Part 3
- CISOs must change their outlook or lose their jobs
- “AaronLocker” moved to GitHub – Aaron Margosis' Non-Admin, App-Compat and Sysinternals WebLog
- The case for building expertise to work on US AI policy, and how to do it - 80,000 Hours
- Out-of-Office Messages are a Security Risk - The Lone Sysadmin
- Monitoring Citrix - a vendor overview -
- Configure SCCM Maintenance Windows based on Patch Tuesday
- Automating my TV – Scott Gruby's Blog
- Adding Energy Monitoring to Home Assistant – Scott Gruby's Blog
- Hyper-V VM configuration version supported features - Thomas Maurer
- Cool feature in SMS Trace (Trace32.exe) | 9to5IT
- Thoughts on Azure, OMS & SCOM: Digging through log files? SMS Trace is the way to go!
- WSUS Windows Update Error 0x80244010: Exceeded max server round trips | Windows OS Hub
- 0x80244010
- Ubuntu 18.10 install notes | Nelson's log
- Running Systems » Blog Archive » HA ZFS NFS Storage
- Zero Day Initiative — Of ISOs and Attorneys: Legal Action in Vulnerability Disclosure
- Windows Incident Response: RegRipper
- Building a Cybersecurity Talent Pipeline One Coding Challenge at a Time | Webroot
- Compliance Beyond IRS 1075 and CJIS Audits - Blog | Tenable®
- IRS1075
CJIS
- Cyber (GRU) (II): historical SIGINT - Security Art Work
- Great reference list.
- Aztarna - the open-source scanning tool for vulnerable robotsSecurity Affairs
- Aztarna
- Reading the ENISA Threat Landscape Report 2018Security Affairs
- Can Enterprises execute a GRC Movement?Security Affairs
- Step 4. Set conditional access policies: top 10 actions to secure your environment - Microsoft Secure
- Debbie Seres
- CISO series: Talking cybersecurity with the board of directors - Microsoft Secure
- ADAPT - Tool That Performs Automated Penetration Testing For WebApps - KitPloit - PenTest & Hacking Tools for your CyberSecurity Kit ☣
- CIRTKit - Tools For The Computer Incident Response Team - KitPloit - PenTest & Hacking Tools for your CyberSecurity Kit ☣
- CIRTKit
- Uncle Spufus - A Tool That Automates Mac Address Spoofing - KitPloit - PenTest & Hacking Tools for your CyberSecurity Kit ☣
- Pown Recon - A Powerful Target Reconnaissance Framework Powered By Graph Theory - KitPloit - PenTest & Hacking Tools for your CyberSecurity Kit ☣
- LOLBAS - Living Off The Land Binaries And Scripts (LOLBins And LOLScripts) - KitPloit - PenTest & Hacking Tools for your CyberSecurity Kit ☣
- LOLBAS
- List of data breaches and cyber attacks in January 2019 - 1,769,185,063 records leaked - IT Governance Blog
- A 6-step guide to surviving data breaches - IT Governance Blog
- Infosecurity.US - Web Log - OWASP Top Ten IoT 2018
- OWASP: What Are the Top 10 Threats and Why Does It Matter?
- Privacy: Several States Consider New Laws - HealthcareInfoSecurity
- Inside Matrix and Emotet: How They Work, and How to Defend
- New Medical Device Cybersecurity Framework Unveiled
- Kevin McDonald
- Government Spending on Cybersecurity: An Analysis
- Alia Mendonsa
- A CISO on the Value of Endpoint Detection and Response
- Larry Whiteside
- Jenkins Pentest Lab Setup
- xDedic - Marketplace for Hacked RDP Credentials is Taken Down
- Vulnerability Life Cycle and Vulnerability Disclosures | Alexander V. Leonov
- What’s wrong with the Raspberry Pi – Own your bits
- Installing and setting-up JAVA & JBoss 7 Final on CentOS 6 | RoseHosting
- Hardening your HTTP response headers
- How to Mitigate the Java Deserialization Vulnerability in JBoss Application Servers | Synopsys
- The Bash Fingertips: Making Your Own 'Information Centre' | Tux Machines
- Java servers like Jetty, GlassFish and Tomcat | NGINX
- Using ngnix with WildFly - JBoss
- 5 Best Python Frameworks for WebView Testing | Codementor
- Build a network emulator using Libvirt | Open-Source Routing and Network Simulation
- How to Enable Android Enterprise and configure Personal devices with a Work Profile in Microsoft Intune – The ultimate Step-By-Step Guide
- How to Use Docker Containers - Make Tech Easier
- Cornelius' Blog: Governance on demand
- FOSS Project Spotlight: Mender.io, an Open-Source Over-the-Air Software Update Manager for IoT Devices | Linux Journal
- SSL and Weblogic - Remote PSAdmin
- Product Lifecycle Management in the Medical Device Industry - White Paper - lifecycle-mgmt-medical-device-bwp-070013.pdf
- UD_Cybersecurity-Healthcare-2018-conference-agenda.pdf
- Open redirects - the vulnerability class no one but attackers cares about - Steve Tabernacle
- Advisories | CERT NZ
- GitHub - Vulnerator/Vulnerator: The official distribution of the vulnerability parsing utility.
- Let’s Encrypt when your server is behind a firewall and you can’t use DNS Challenge – Diary of an Emacs tragic
- Should There Be More School Policies on Teachers' Social Media Interaction With Students? - Law and Daily Life
- Looking Ahead To 2019 | The Frog Pond of Technology
- How long will Oracle Database 12.2 be supported?
- Dissecting 190115 BP, PSU, RU and RUR - DBA - Rodrigo Jorge - Oracle Tips and Guides
- Azure Automation of A-to-Z, Part I – DBAKevlar
- A Collection of Useful Resources for Web Designers and Programmers
- Data Privacy Year | Linux Journal
- Using EFI/UEFI firmware in a VMware Virtual Mac... |VMware Communities
- Dump LAPS passwords with ldapsearch ·
- Searching LDAP using Nmap’s ldap-search.nse script | Faded Lab
- CA Spectrum Common Access Card Authentication Solution Guide - Spectrum_CAC_Authentication_Guide_ENU.pdf
- DoD CAC Reader | Ubuntu, Derivatives and Linux Mint – CubicleNate's Techpad
- Local Admin Access and Group Policy Don’t Mix - TrustedSec
- Enabling Web Apps For DoD Security via PKI/CAC Enablement (Forge.Mil …
- Centrify Now Offers Free US Government PIV and Military CAC Support for the Mac | Secure Thinking by Centrify
- CAC Card for DOD/Military : Fedora
- The Risky Business of Cybersecurity
- Connectivity Problems Caused by Issues in SQL Server – SQL Meditation
- Up, up and to the Clouds: Cloud Computing 101 - Security Boulevard
- Parsing Text with PowerShell (2/3) | PowerShell Team Blog
- Parsing Text with PowerShell (1/3) | PowerShell Team Blog
- Migrate a VM from vCenter to Azure | PeteNetLive
- Programming paradigms for dummies: what every programmer should know | the morning paper
- Top 30 Data Recovery Interview Questions and Answers for 2019
- Demystifying the Indian Data Protection Bill, 2018: Part 2 of 3 - Gemalto blog
- Demystifying the India Data Protection Bill, 2018: Part 1 of 3 - Gemalto blog
- New Phobos Ransomware Using Same Ransom Note as Dharma - Security Boulevard
- What Are Common Certificate Validation Flaws? - Security Boulevard
- CVSS: Characterizing and Scoring Vulnerabilities - Security Boulevard
- Benefits of SSH Key Management - Security Boulevard
- Open Source Licenses Explained - Security Boulevard
- The Evolution of Darknets - Security Boulevard
- Healthcare: A Cloud Security Investigation (CSI) - Security Boulevard
- CISO Intro by Jeremiah Grossman - Security Boulevard
- “Cyber Smart” Interview with Bart McDonough - Security Boulevard
- Continuous Monitoring 101
- How To Install and Use RetroArch on Linux - LinuxConfig.org
- Roles and Responsibilities of the Information Security Manager - Security Boulevard
- Windows Registry & Osquery: The Easy Way to Ensure Users are Secured - Security Boulevard
- Serverless And The Evolution In Cloud Security, How FaaS Differs From IaaS - Security Boulevard
- SAP Security Notes 2018: Lessons Learned and a Look to What's Ahead in 2019 - Security Boulevard
- FTW - Framework For Testing WAFs - KitPloit - PenTest & Hacking Tools for your CyberSecurity Kit ☣
- Build Cheat Sheets and Share Your Favourites! - Cheatography.com: Cheat Sheets For Every Occasion
- 10 YouTube URL Tricks You Should Know About
- Howto: Docker, Databases, and Dashboards to Deal with Your Data | Hackaday
- Container Jungle: where do I start? Docker, Kubernetes – Marksei
- Ansible, ARA and MariaDB (or MySQL) – The ongoing struggle
- Illinois biometric privacy law passes a key court test
- VIRTIO 1.1 Standard Moving Closer To Release With GPU Device, Better Performance - Phoronix
- DeployHappiness | Master of Science in IT: 1 Year, $5200
- Benchmarking The Current Spectre + Meltdown Performance Overhead For 10 GbE Networking - Phoronix
- Consumer threats down as cybercriminals target business
- Poor integration costs businesses $500,000 a year
- Chris's Wiki :: blog/linux/ServerRebootOnPanics
- Getting Started with Kubernetes - The IT Hollow
- Office 365 down (January 24, 2019)? | Born's Tech and Windows World
- Planner Notifications for Teams – All About I.T.
- Digital IDs said to boost economies, but privacy is at risk - Japan Today
- Prudent Security Admin: Has a New Data Breach Precedent Been Created? - Security Boulevard
- How to Become a Chief Information Security Officer — CyberSpeak Podcast - Security Boulevard
- Study: Hospitals dramatically increase ad spend following data breaches - Security Boulevard
- 5 Ways a CISO Can Tackle the CyberSecurity Skills Shortage Now - Security Boulevard
- 1. Lower the Skill Level
2. Spread the Load For Your Security Professionals
3. Raise Awareness About Cyber Attacks
4. Increase Network Visibility
5. Plan for Tomorrow
- NBlog - the NoticeBored blog: NBlog Jan 23 - infosec policies rarer than breaches
- NBlog - the NoticeBored blog: NBlog Jan 25 - cyber risks in context
- State agency exposes 3TB of data, including FBI info and remote logins – Naked Security
- 2 distinct campaigns delivered GandCrab ransomware and Ursnif TrojanSecurity Affairs
- Collection #1 Data Breach Analysis – Part 2 - by Marco RamilliSecurity Affairs
- “Collection #I” Data Breach Analysis – Part 1 – Marco Ramilli Web Corner
- Jok3R - Network And Web Pentest Framework - KitPloit - PenTest & Hacking Tools for your CyberSecurity Kit ☣
- Voice of the Customer: Azure AD helps lululemon enable productivity and security all at once for its employees - Microsoft Secure
- Conpot - An Open Industrial Control Honeypot - KitPloit - PenTest & Hacking Tools for your CyberSecurity Kit ☣
- Beebug - A Tool For Checking Exploitability - KitPloit - PenTest & Hacking Tools for your CyberSecurity Kit ☣
- Fighting Emotet: lessons from the front line – Naked Security
- The Application Security Team's Framework For Upgrading Legacy Applications
- Sh00T - A Testing Environment for Manual Security Testers - KitPloit - PenTest & Hacking Tools for your CyberSecurity Kit ☣
- What is an ISMS and 8 reasons why you should implement one - IT Governance Blog
- The PCI SSC’s new software security standards – what you need to know - IT Governance Blog
- PCI SSC
- On the 'structural shortcomings' of the GDPR
- Study: Companies with GDPR investments conduct business faster
- Girl Scouts announce new cybersecurity patch
- 5 Malware Trends: Emotet Is Hot, Cryptominers Decline
- Hardware Hacking 101 – Lesson 1: Beauty, Your Home Lab and Basic Electronics - The Ethical Hacker Network
- Government Shutdown: Impact on Health Data Security, Privacy
- Colorado police encrypt *all* their radio communications, frustrating journalists
- Life Under GDPR: Data Breach Cost Unknown - HealthcareInfoSecurity
- Dharma Gang Pushes Phobos Crypto-Locking Ransomware
- Coveware's 2018 Q4 Ransomware Marketplace Report
- Google Hit With $57 Million GDPR Fine in France
- National Data Privacy Day Is Wishful Thinking
- Center for Internet Security releases Microsoft 365 benchmarks | CSO Online
- Looping sssd_nss - Blog dbi services
- VMware Snapshots: Securing Windows RDP Connections with a Signed SSL Certificate
- Landscaping a Secure/Closed Loop Infrastructure in Azure with Terraform & Azure Devops – Karim Vaes
- New – TLS Termination for Network Load Balancers | AWS News Blog
- Home - Freeplane - free mind mapping and knowledge management software
- Top 11 Free Linux DICOM Viewers for Doctors
- Understanding Bash fork() Bomb :(){ :|:& };: code - nixCraft
- GandCrab ransomware and Ursnif virus spreading via MS Word macros
- GandCrab
- Debian GNU/Linux 9.7 "Stretch" Released with Patched APT Package Manager
- Gulp - A Toolkit for Automating Painful Tasks in Development
- Top 5 Vulnerability Scanning Tools – Linux Hint
- Best 10 Free and Open Source Lab Management Systems
- Get started with LogicalDOC, an open source document management system | Opensource.com
- Beware! This Malicious Ransomware Hides As Free Games & Software
- Forget No-Carb. Embrace Slow Carb : The Salt : NPR
- Buddha Bowl - Make Your Own Bowl for any Phase - Chef Dawn Ludwig
- KookBook 0.2.0 available – now manage your cooking recipes better – Blog :: Sune Vuorela
- To upgrade or not to upgrade? That's the question! | The ORACLE-BASE Blog
- Vulnerabilities Found in Highly Popular Firmware for WiFi Chips
- New Android Malware Uses Motion Sensors To Stay Hidden
- The 7 Habits of Highly Effective IT Leaders – J.D. Meier's Blog
- Corporate Best Practices in Security Awareness and Training Programs
- Dan Lohrmann
- The Start of the RHCA Journey | Lisenet.com :: Linux | Security | Networking
- Guinness World Records bets on Office 365 and AWS to boost business expansion
- “It is the IT department’s job to make sure we can respond to the ever-growing changes within our business model, so we can take up new opportunities and move into new markets,” says Rob Howe, IT director at Guinness World Records.
- How to inject custom drivers into an ESXi 4.1 image using vibddi?
- An AnandTech Exclusive: The Jim Keller Interview
- SC Cyber
- 8 Awesome InfoSec and Cybersecurity Blogs of 2018 -
- GitHub - paralax/awesome-cybersecurity-internships: a list of cybersecurity internships
- GitHub - jivoi/awesome-ml-for-cybersecurity: Machine Learning for Cyber Security
- Greek Gluten Free Meatloaf Muffins | Healthy & Easy Freezer Meals
- nVisium
- xsstrike.tk
- GitHub - s0md3v/XSStrike: Most advanced XSS detection suite.
- GitHub - l0ss/Grouper: A PowerShell script for helping to find vulnerable settings in AD Group Policy.
- GitHub - minimaxir/big-list-of-naughty-strings: The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.
- Introducing Metta: Uber’s Open Source Tool for Adversarial Simulation
- Xeneta | Ocean Freight Rate Benchmarking Platform
- The State of AI for Sales Enablement, and the Evolution of the CRM | Emerj - Artificial Intelligence Research and Insight
- How To - Use VMware vSphere PowerCLI to patch hosts | 9to5IT
- How to Install latest ESXi VMware Patch - [Guide] | ESX Virtualization
- How to Write a Business Case ― 4 Steps to a Perfect Business Case Template | Workfront
- Security-related Rules
- New cybersecurity guidelines for medical devices | Vantage Asia
- How to Justify a Software Purchase — Step by Step
- SupplyChainBrain - The world's most comprehensive supply chain management information resource.
- Troubleshooting remote syslog reachability · Papertrail log management
- GitHub - trimstray/test-your-sysadmin-skills: A collection of *nix Sysadmin Test Questions and Answers. Test your knowledge and skills in different fields with these Q/A.
- Solaris : How to start syslogd in debug mode – The Geek Diary
- Topic: Cybersecurity - ABA Journal
- How To Centralize Logs with Rsyslog, Logstash, and Elasticsearch on Ubuntu 14.04 | DigitalOcean
- Centralised logging with Rsyslog and Microsoft Azure - Part 1
- x265 transcoding | Nelson's log
- So You Automated Your Coworkers Out of a Job
- OSINT Resources for 2019 – Steve Micallef – Medium
- A Review of my Bug Hunting Journey - My Learning Journey
- HOWTO: Build a Temperature Alert System using a Raspberry Pi – Please Work
- What version of SQL Server do I have? | Mohammed Wasay
- List Domain Admins & Enterprise Admins in a domain | Mohammed Wasay
- Get the list of domain admins and check if they are enabled.
Get-ADGroupMember -Identity "Domain Admins" -Recursive | %{Get-ADUser -Identity $_.distinguishedName} | Select Name, Enabled
1
Get-ADGroupMember -Identity "Domain Admins" -Recursive | %{Get-ADUser -Identity $_.distinguishedName} | Select Name, Enabled
Get the list of enterprise admins and check if they are enabled.
Get-ADGroupMember -Identity "Enterprise Admins" -Recursive | %{Get-ADUser -Identity $_.distinguishedName} | Select Name, Enabled
1
Get-ADGroupMember -Identity "Enterprise Admins" -Recursive | %{Get-ADUser -Identity $_.distinguishedName} | Select Name, Enabled
- Create incremental OVA images using Packer
- Peter Gutmann's Home Page
- Peter Gutmann
- Blue Team Architecture and Analysis - Part 3, Coverage Assessment Map by J Geno - tool, knowledge, procedures
- Blue Team Architecture and Analysis - Part 2, Guide to the Part 1 Document by J Geno - engineering, management, data breaches
- Blue Team Architecture and Analysis - Part 1 by J Geno - time, business, goals
- PowerPoint Creating Conference Posters.pdf - Course_Book_Ppt_TIUD_Conference_Posters10.pdf
- All of Windows Cipher Suites | Mohammed Wasay
- Windows (10 & 2016) Build 1709 & 1803 cannot connect to SMB Shares | Mohammed Wasay
- Oracle to charge for Java Updates & how you can disable them | Mohammed Wasay
- Convert a Dynamic IP to Static | Mohammed Wasay
- Expedition ML4SEC Part - 1: Introduction to machine learning for security professionals - payatu
- Presentations: Billboard science : Naturejobs
- Turning your BMC into a revolving door - zeronights_2018_turning_your_bmc_into_a_revolving_door.pdf
- IoT Security – Part 4 (Bluetooth Low Energy - 101) - payatu
- IoT Security – Part 3 (101 - IoT Top Ten Vulnerabilities) - payatu
- Blog Archives - Page 3 of 4 - payatu
- IoT Security – Part 2 (101 - IoT Attack surface) - payatu
- IoT Security – Part 1 (101 - IoT Introduction and Architecture) - payatu
- RedTeaming from Zero to One - Part 2 - payatu
- RedTeaming from Zero to One - Part 1 - payatu
- Don’t Become a Ransomware Target
- Using Packer to Automate vSphere Template Builds
- Exploiting JNDI Injections in Java | Veracode blog
- vCloudNotes : Information Sharing: How to capture memory dump of a VM from snapshot or suspended state file
- Trusted Ransomware Removal And Data Recovery Experts
- Security Checklist
- North Korean hackers infiltrate Chile's ATM network after Skype job interview | ZDNet
- vCloudNotes : Information Sharing: Intel / AMD processor vulnerability: Meltdown-Spectre and VMware Esxi
- vCloudNotes : Information Sharing: How to reset iLO login password from within ESXi Shell
- Installing the Home Lab – Installing vCenter 5.5 on Windows 2012R2 – Everything-Virtual
- vCloudNotes : Information Sharing: How to Check, Start, Stop or Restart Windows version of vCenter 6.x Services
- HxD - Freeware Hex Editor and Disk Editor | mh-nexus
- Check with Powershell for Meltdown and Spectre #exploit critical vulnerabilities Protection #Meltdown #Spectre #KB4056892 | Robert Smit MVP Blog
- DevopsWiki/README.md at master · Leo-G/DevopsWiki · GitHub
- GitHub - ANSSI-FR/audit-radius: A RADIUS authentication server audit tool
- How to choose the correct Garbage Collector? Java Generational Heap and Garbage Collection explained - Karunsubramanian.com
- What you didn't know about java.lang.OutOfMemory Error! - Karunsubramanian.com
- Why is there a discrepancy between Windows Task manager Memory and Java Heap ? - Karunsubramanian.com
- Building vSphere Templates From Scratch Using Packer and the vSphere API – Green Reed Technology
- Windows 10 and reserved storage | Storage at Microsoft
- History · bibanon/bibanon Wiki · GitHub
- A huge list of Windows log file Event IDs for detecting lateral movement by S. Delano - development, python, script
- Detecting Lateral Movement through Tracking Event Logs
- Raspberrypi as poor man's hardware hacking tool - payatu
- Linux Security Hardening with OpenSCAP and Ansible – clasohm.com
- Splunk vs ELK - Karunsubramanian.com
- What is Docker? An absolute beginner's guide - Karunsubramanian.com
- Unable to Connect RDP: CredSSP Encryption Oracle Remediation | Windows OS Hub
- What is SYN_SENT socket status? - Karunsubramanian.com
- Windows XP Can’t RDP to Windows 10 / Server 2012R2/2016 RDS | Windows OS Hub
- Get Reverse-shell via Windows one-liner
- “Collection #1” Data Breach Analysis – Part 1 - Security AffairsSecurity Affairs
- How running websites has changed in the last two decades (for an Ars IT guru) | Ars Technica
- Fecebook Could Be Slapped With 'Record-Setting' Fine By FTC
- 7 Common Email Security Protocols Explained
- Facebook violated tough new cybersecurity law, says Vietnam – Naked Security
- DevOps and Culture, part 2 – Premier Developer
- DevOps and Culture, part 1 – Premier Developer
- UPnP, Vulnerability As A Feature That Just Won’t Die | Hackaday
- Serious Security: What 2000 years of cryptography can teach us – Naked Security
- Serverless computing: one step forward, two steps back | the morning paper
- The AI cybersecurity impact for IoT - Microsoft Secure
- Nine 2019 Cybersecurity PredictionsSecurity Affairs
- 6 Reasons We Need to Boost Cybersecurity Focus in 2019Security Affairs
- 4 ways to prepare for GDPR and similar privacy regulations - TechRepublic
- Chris's Wiki :: blog/linux/ZFSLicenseTwoViews
- Chris's Wiki :: blog/linux/CPUNumbersNotContiguous
- NFS. Not… Dead… Yet… - krypted.com
- Julia Reda – Designing the future of cybersecurity in Europe
- The challenges of adopting a consistent cybersecurity framework in the insurance industry - Microsoft Secure
- Guide to Developing a National Cybersecurity Strategy—a resource for policymakers to respond to cybersecurity challenges - Microsoft Secure
- RHEL 6 server receiving error mounting CIFS (Windows) share – mount error(112): Host is down | setaOffice
- Running Home Assistant in a Docker container with a Z-Wave USB stick · major.io
- All In with Home Assistant – Scott Gruby's Blog
- 2019 Cloud Predictions - Part 3 | APMdigest - Application Performance Management
- 2019 Cloud Predictions - Part 2 | APMdigest - Application Performance Management
- 2019 Cloud Predictions - Part 1 | APMdigest - Application Performance Management
- Virtual Machines do not boot after moving from Windows Server 2012 R2 to Windows Server 2019 - American Boffin
- Security in Windows Server 2019 - Security Art Work
- Data Security is a Global Economic Imperative - Blog | Tenable®
- Sitadel - Web Application Security Scanner - KitPloit - PenTest & Hacking Tools for your CyberSecurity Kit ☣
- Snyk - CLI And Build-Time Tool To Find & Fix Known Vulnerabilities In Open-Source Dependencies - KitPloit - PenTest & Hacking Tools for your CyberSecurity Kit ☣
- Snyk
- Shed - .NET Runtime Inspector - KitPloit - PenTest & Hacking Tools for your CyberSecurity Kit ☣
- Faraday v3.5 - Collaborative Penetration Test and Vulnerability Management Platform - KitPloit - PenTest & Hacking Tools for your CyberSecurity Kit ☣
- dnSpy - .NET Debugger And Assembly Editor - KitPloit - PenTest & Hacking Tools for your CyberSecurity Kit ☣
- Estimating SOC BudgetRafeeq Rehman – Personal Blog
- Robert Penz Blog » Howto install Bitwarden in a LXC container (e.g. Proxmox)
- The Evil-Twin Framework: A tool for improving WiFi security | Opensource.com
- Behind the Scenes & Under the Carpet – The CenturyLink Network that Powered AWS re:Invent 2018 | AWS News Blog
- Learn Windows PowerShell in a Month of Lunches, Third Edition #BookReview #Powershell #PowerCLI #Scripting #vExpert -
- Terence Luk: Citrix NetScaler CLI command cheat sheet
- Emotet Malware Returns to Work After Holiday Break
- Triton/Trisis Attack Was More Widespread Than ...
- 'We Want IoT Security Regulation,' Say 95% of IT ...
- The Rx for HIPAA Compliance in the Cloud
- PCI Secure Software Standard v1.0 - PCI-Secure-Software-Standard-v1_0.pdf
- PCI Secure Software Standard v1.0 - PCI-Secure-Software-Standard-v1_0.pdf
- 2018's Most Common Vulnerabilities Include Issues ...
- EU copyright laws face uncertain fate after 11 countries reject proposal
- Oracle 19c Released : How does that make you feel? | The ORACLE-BASE Blog
- GDPR Compliance and the Oracle E-Business Suite Revisited | Integrigy
- Winds of change? Winds of mediocrity.
- Vulnerabilities in building access system used by schools, governments | CSO Online
- Summary: The Dichotomy of Leadership | Daniel Miessler
- Kubernetes: List of ports Carnal0wnage - Attack Research Blog Carnal0wnage & Attack Research Blog
- iPhone 11 Plus Wi-Fi 6 Equals Undefined? | The Networking Nerd
- iTWire - Cyber security threats will keep getting worse in 2019: claim
- Home Automation I | Zamir's Board
- CNC milling with open source software | Opensource.com
- Kubernetes security: 4 tips to manage risks | The Enterprisers Project
- Kali Linux 2018 for testing and maintaining Windows security - Wolf Halton and Bo Weaver [Interview] | Packt Hub
- How to Setup DRBD to Replicate Storage on Two CentOS 7 Servers
- Oracle Patches 284 Vulnerabilities in January Critical Patch Update
- AdoptOpenJDK - Open source, prebuilt OpenJDK binaries
- Thank You, John C. Bogle — My Money Blog
- Collection 1 data breach covers more than 772 million email addresses
- Cloud Computing TECHREPORT - 2018 ABA Survey Results | DennisKennedy.Blog
- Introduction to Ubuntu's LXD Containers - Make Tech Easier
- Chart: Stock Market Declines Are More Common Than You Think — My Money Blog
- Ryuk ransomware banks $3.7 million in five months
- Is GDPR Compliance Tougher Than HIPAA Compliance?
- Lessons From Report on Massive Singapore Healthcare Hack
- Government Shutdown: Experts Fear Deep Cybersecurity Impact
- Tom Kellermann
- Patch Tuesday, January 2019 Edition — Krebs on Security
- Ransomware Attacks: The Data Integrity Issues
- The 2019 Health Data Privacy Regulatory Outlook
- Cyber resilience and the GDPR - IT Governance Blog
- ITIL 4: What you need to know about the 2019 ITIL update - IT Governance Blog
- 2018 in Cybersecurity Review: What Happened and What the Future Brings (Part 2) 2018 in Cybersecurity Review: What Happened and What the Future Brings (Part 2)
- SMB Penetration Testing (Port 445)
- Windows Applocker Policy - A Beginner’s Guide
- How To Change E1000 into VMXNET3 without changing a MAC address | ESX Virtualization
- From Encrypting the Web to Encrypting the Net: A Technical Deep Dive on Using Certbot to Secure your Mailserver | Electronic Frontier Foundation
- OpenMediaVault – Good Times With mdadm | PenguinPunk.net
- January 2019 patchday issues | Born's Tech and Windows World
- Humana Breaches Reflect Chronic Credential Theft in ...
- Who Takes Responsibility for Cyberattacks in the Cloud?
- What’s wrong with patch-based Vulnerability Management checks? | Alexander V. Leonov
- Blowing the Dust off of an IBM AS/400 Server | Hackaday
- Resolving Microsoft SQL Server Error 4064 with PowerShell – Mike F Robbins
- The Biggest Storage Trends of 2019 | Architecting IT
- What Makes IoT A Security Risk? | The Networking Nerd
- Configuring TACACS+ Server on Ubuntu 14.04LTS – Keeran's Blog
- CLOS Topology
- Firewall Ruleset Automation with CI Pipeline « ipSpace.net blog
- How to configure Windows 10 in Kiosk Single App, full-screen mode
- Just one more esxi-guy: The D.C.L.I. (Datacenter CLI)
- Stanford uploads 111 lectures by Donald Knuth. – Virtually Fun
- Taking a look at AutoDeploy in vSphere 6.5
- Tiger - The Unix Security Audit and Intrusion Detection Tool
- Tiger - The UNIX Security audit and intrusion detection tool
- How to Set Up a Local DNS Resolver on Ubuntu 18.04, 16.04 with BIND9 - LinuxBabe
- Am I financially independent? (And does it matter?)
- CVE Vulnerabilities: All You Ever Wanted to Know About
- Top Ways to Get ROI From Your AppSec Program - Security Boulevard
- Kubernetes: Master Post Carnal0wnage - Attack Research Blog Carnal0wnage & Attack Research Blog
- Top 5 things SMBs should consider when evaluating a cybersecurity strategy | Webroot
- All About the Hotspot Honeypots - Security Boulevard
- How to data breaches happen - Security Boulevard
- Sometimes A Vulnerability Isn’t So Vulnerable
- pfSense VLANs on Proxmox - Linux Included
- SSHGuard settings on pfSense - Linux Included
- Healthcare Continues to Be Prime Target for Cyber Attacks
- SlackPirate - The Slack Enumeration and Extraction Tool - emtunc's Blog
- Using Ansible to bring up a three node Patroni cluster in minutes - Blog dbi services
- GitHub - danluu/post-mortems: A collection of postmortems. Sorry for the delay in merging PRs!
- Reading postmortems
- Verizon FiOS – ICMP Traceroute Issues
- Too much disk IO on sda in RAID10 setup | blog.windfluechter.net
- How to be More Productive by Using the “Eisenhower Box”
- GDPR Myth #1: Fine of 4% of global turnover for your first GDPR offence | VinciWorks Blog
- Senators Demand Voting Machine Vendor Explain Why It Dismisses Researchers Prodding Its Devices
- Displaying IP Info on Console with Netplan – Fixing IT
- Julia Reda – In January, the EU starts running Bug Bounties on Free and Open Source Software
- TheHive Project – Open Source, Free and Scalable Cyber Threat Intelligence & Security Incident Response Solutions
- Tesla Model 3 known good accessories | TinkerTry IT @ Home
- PRETty - "PRinter Exploitation Toolkit" LAN Automation Tool - KitPloit - PenTest & Hacking Tools for your CyberSecurity Kit ☣
- Tesla Model 3 replacing my 13 year old Honda Civic Hybrid, let's see how that goes. So far, so good! | TinkerTry IT @ Home
- 7 Habits of a Highly Effective CISO: 2019 Data Security Resolutions - Data Security Blog | Thales eSecurity
- Docker Security Tips & Best Practices – Threat Stack
- Healthcare IT Continues to Struggle with Backup Strategies - Security Boulevard
- 9 Benefits of ISO 27001 Certification (Some You Know, Some You Probably Don’t) | Pivot Point Security
- Cloud Hosting Provider DataResolution.net Battling Christmas Eve Ransomware Attack — Krebs on Security
- MISP - Malware Information Sharing Platform and Threat Sharing - The Open Source Threat Intelligence Platform
- The Docker Bench For Security - A Script That Checks For Dozens Of Common Best-Practices Around Deploying Docker Containers In Production - KitPloit - PenTest & Hacking Tools for your CyberSecurity Kit ☣
- XSRFProbe - The Prime Cross Site Request Forgery Audit And Exploitation Toolkit - KitPloit - PenTest & Hacking Tools for your CyberSecurity Kit ☣
- The 4 stages of cyber resilience - IT Governance Blog
- The End (of 2018) Is Near: Looking Back for Optimism
- New Year’s Resolution for 2019: Cybersecurity Must Be the Top Priority for the Board
- New cybersecurity rules take effect in South Carolina
- Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients - HICP-Main-508.pdf
- Analyzing the Portuguese DPA's first GDPR fine
- Marriott Provides Update on Starwood Database Security Incident
- 25 Years Later: Looking Back at the First Great ...
- 2018 Health Data Breach Tally: An Analysis - HealthcareInfoSecurity
- Do not look for Cheap Black Friday Deal Testing - EvilTester.com
- The Difference Between Security and Privacy | Daniel Miessler
- Major US newspapers crippled by Ryuk ransomware attack | CSO Online
- Japan seeks cyberattacks to be in scope of security treaty with U.S. - Japan Today
- Why Automation Matters : Consistent Test Environments | The ORACLE-BASE Blog
- Easy PXE boot testing with only HTTP using iPXE and libvirt
- 10 ways to use OneNote for Project Management - SharePoint Maven
- Extend the evaluation period of Windows Server 2012/2016 and 2019 - ivobeerens.nl
- Recognizing Vendor Risks to National Security in the CFIUS Process - Lawfare
- How the Boston Children’s Hospital Is Innovating on Top of an Open Cloud
- 7 Nginx Rewrite Rule Examples with Reg-Ex and Flags
- The Developer Coefficient
- Yammer Seen Counts for Conversations – All About I.T.
- The two most important ways to defend against security threats | CSO Online
- Introduction to Cryptography Basic Principles
- weblogic - how to change listen port from default 7001 to something different? - Stack Overflow
- How to change the default port of weblogic (7001) (BEA/Weblogic forum at Coderanch)
- 10 Google Docs Tips That Take Seconds and Save You Time
- Launching Rational Cybersecurity for the Business | Security Architects Partners Dan Blum
- Erman Arslan's Oracle Blog: RDBMS -- TLS 1.2 support and issues ORA-29263: HTTP protocol error & ORA-29024: Certificate validation failure
- Erman Arslan's Oracle Blog: Oracle Seminar -- Oracle Technologies and Oracle Products + Oracle Job roles
- Erman Arslan's Oracle Blog: Exadata -- Exadata X3 reimaging problem -- biosbootorder
- Erman Arslan's Oracle Blog: Weblogic -- Performance problem - Forms & Reports environment -- Unable to load performance pack / libmuxer.so
- Change the Listen Port for Weblogic AdminServer #Oracle #IDM #Identity - TUMY | TECH
- Erman Arslan's Oracle Blog: Weblogic -- HACMP Configuration, IP Address Change
- The Finnish Hyperion Guy: Tidy Up WebLogic Server After EPM System Installation
- Vulnerability Management Part 1 I Pivot Point Security
- Yes: Your Law Firm Needs to Do a Business Impact Analysis | Pivot Point Security
- WebLogic AdminServer Port Conflict Remote Running on PC
- Java mon amour: Installing JIRA
- Java mon amour: Jboss CLI, change individual attributes of a security domain without having to remove and add the domain from scratch
- Java mon amour: java showSettings
- Default Port Numbers You Need to Know as an Administrator
- Why Tenable/NESSUS requires full level 15 access for Cisco devices? Don’t need it.
- Security/TLS Configurations - MozillaWiki
- Security/Server Side TLS - MozillaWiki
- Transport Layer Protection Cheat Sheet - OWASP
- Oracle – Got minus one from a read call – How to tackle? | {"code":"java"}
- Come Across: Presenting : Explore and Implement SharePoint Security: Permissions, Identities, and Objects @ NCS SharePoint CoP Group
- Security Update Guide
- CyGraph: Cybersecurity Situational Awareness That’s More Scalable, Flexible & Comprehensive - Neo4j Graph Database Platform
- TDS Endpoints: SQL Server's "Listener" | ColleenMorrow.com
- Private Investigator - Stillinger investigations
- How a U.S. Health Care System Uses 15-Minute Huddles to Keep 23 Hospitals Aligned
- Automotive Cybersecurity
- CDRH’s Medical Device Safety Action Plan – An Aspirational Blueprint for Addressing Medical Device Safety | Health Law | STAT
- Thora A. Johnson
- Active Directory® 101 - JumpCloud
- How to check if your processor supports Virtualization Technology on Ubuntu
- Chris's Wiki :: blog/linux/ZFSFileserverSameness
- Malwarebytes IT Security Predictions 2019 | Born's Tech and Windows World
- Serverless OpenLDAP™ - Security Boulevard
- The Best of Shape Security 2018 - Security Boulevard
- OPTPOLINES - Formerly Relpolines, Lower Overhead To Retpolines For Spectre Mitigation - Phoronix
- Local stratum-1 NTP server
- Ubiquiti Unifi setup
- Touchless health monitoring module works with Raspberry Pi
- Home - ROI-NJ
- MacOS Security Baseline Script – JerryGamblin.com
- Favorite Security Books Of 2018 – JerryGamblin.com
- Welcome to ServerlessSecurity.org! | ServerlessSecurity.org
- Host Websites On Github – JerryGamblin.com
- SQL Server 2014 Service Pack 3 is now Available!!! | SQL Server Release Services
- Adam Shostack's personal homepage
- The Hard Truth About G2A, Kinguin and Grey Market Keys – Locke's Journey
- Understanding the unique Israeli concept of Rosh Gadol (ראש גדול)-updated | Allon Shevat
- News – Joel on Software
- GitHub - cybermaggedon/cyberprobe: Capturing, analysing and responding to cyber attacks
- What Are Cipher Suites? - Security Boulevard
- Jacek Kowalczyk / my-debian · GitLab
- Looking Back at the Top Cyber-Securities Issues of 2018
- Cyber and Technology Resilience: Themes from cross-sector survey 2017 - 2018 - technology-cyber-resilience-questionnaire-cross-sector-report.pdf
- The Life of Kenneth: FCIX - State of the Exchange
- On Thinking About Infrastructure as Code - Scott's Weblog - The weblog of an IT pro focusing on cloud computing, Kubernetes, Linux, containers, and networking
- Hilbert’s list | Seth's Blog
- 1. High efficiency, sustainable method for growing sufficient food, including market-shifting replacements for animals as food
2. High efficiency, renewable energy sources and useful batteries (cost, weight, efficiency)
3. Effective approaches to human trafficking
4. Carbon sequestration at scale
5. Breakthrough form for democracy in a digital age
6. Scalable, profitable, sustainable methods for small-scale creators of intellectual property
7. Replacement for the University
8. Useful methods for enhancing, scaling or replacing primary education, particularly literacy
9. Beneficial man/machine interface (post Xerox Parc)
10. Cost efficient housing at scale
11. Useful response to urban congestion
12. Gene therapies for obesity, cancer and chronic degenerative diseases
13. Dramatic leaps of AI interactions with humans
14. Alternatives to paid labor for most humans
15. Successful interactions with intelligent species off Earth
16. Self-cloning of organs for replacement
17. Cultural and nation-state conflict resolution and de-escalation
18. Dramatically new artistic methods for expression
19. Useful enhancements to intellect and mind for individuals
20. Shift in approach to end-of-life suffering and solutions for pain
21. Enhanced peer-to-peer communication technologies approaching the feeling of telepathy
22. Transmutation of matter to different elements and structures
23. Off-planet outposts
It’s going to get interesting. Especially if we can imagine it.
- Cybersecurity and Insurance | Hackaday
- Patch Lady – vendors start to shut the doors on Windows 7 @ AskWoody
- Find Windows 10 Upgrade Blockers with PowerShell – smsagent
- FYI: End of Support for Windows 7, SQL-Server 2008 and more | Born's Tech and Windows World
- Effective Mental Models for Code and Systems – Cindy Sridharan – Medium
- The Art of Vacuum Tube Fabrication | Hackaday
- configuring_ssl_for_oracle_client_with_cac_using_mcs_3.pdf
- GitHub - pmdba/plsql-pii-scanner: An example of a method for scanning the Oracle data dictionary for potential PII data and automating specific responses, such as encrypting of columns or alerting the DBA, when new data is found.
- Finding And Fixing Node.js Memory Leaks: A Practical Guide | eknori.de
- Firejail - Securely Run Untrusted Applications in Linux
- I Hunt Sys Admins - The Intercept
- How China’s Elite APT10 Hackers Stole the World’s Secrets | WIRED
- How To Organize Your Income And Expenses
- How VMware Certifications changed my life -
- Getting started with chaos engineering | Opensource.com
- Chris's Wiki :: blog/linux/ZFSFileserverSetupIII
- Creating a useful spec | Seth's Blog
- NASA Astronomer Nancy Grace Roman, 'Mother' Of Hubble Space Telescope, Is Dead : NPR
- PostgreSQL-Diagnostic-Queries – DB-Tune
- Hackers Attack IPMI Default Passwords to Deploy Ransomware On Linux Servers - Latest Hacking News
- EU offers bounties to help find security flaws in open source tools
- Malware stalls delivery of LA Times and other major US newspapers
- Linux ip Command Examples - nixCraft
- Azure in the Government of Canada - Eric’s Azure Blog
- Penetration Testing on Group Policy Preferences
- From Encrypting the Web to Encrypting the Net: 2018 Year in Review | Electronic Frontier Foundation
- Side-Channel Vulnerability Variants 3a and 4 - Spectre and Meltdown - blackMORE Ops
- Building a PowerShell Process Memory Tool • The Lonely Administrator
- How to add network driver to Windows 10 PE | Marco Franssen
- Put your ssh experience in Windows on Steroids | Marco Franssen
- DSHR's Blog: Securing The Hardware Supply Chain
- Top 5 Cybersecurity Priorities for 2019: Ponemon Study - Blog | Tenable®
- Healthcare Data Breaches Associated with 64% Increase in Advertising Expenditures - Security Boulevard
- Top 30 Chief Information Security Officer (CISO) Interview Questions and Answers for 2018
- Top 30 Chief Information Security Officer (CISO) Interview Questions and Answers for 2018 - Security Boulevard
- Healthcare Cybersecurity in 2019: The Time is Now - Security Boulevard
- Top 20 Most Popular Hacking Tools in 2018 - KitPloit - PenTest & Hacking Tools for your CyberSecurity Kit ☣
- Improving DNS logging, dnstap on Ubuntu - Koen Van Impe - vanimpe.eu
- Data Sanitization 5.3 release | OPSWAT
- The Year of the GDPR: 2018’s Most Famous Privacy Regulation in Review | Electronic Frontier Foundation
- Blog Exploits on the Rise | Onapsis
- Selenium IDE Tactical or Strategic? - Evil Tester - Technical Testing with Skill, Attitude and Pragmatism
- Looking Back: 2018 Project Report Card - Scott's Weblog - The weblog of an IT pro focusing on cloud computing, Kubernetes, Linux, containers, and networking
- An Internet Outage Could Kick In WannaCry Ransomware Again
- The elements of cybersecurity hygiene and secure networks -- Part 2
- The elements of cybersecurity hygiene and secure networks -- Part 1
- Cuckoo – Sandboxed Malware Analysis – ls /blog
- Chris's Wiki :: blog/sysadmin/MetricsAndUnderstandingMore
- The Best Maker YouTube Channels | Cool Tools
- Intel 5500 chipset heatsink tuning
- Smokeping – network latency monitor with Raspberry Pi – Alexander's Blog
- Context: Your Super-Weapon in Vulnerability Management? - Security Boulevard
- Industrial Control Systems Healthcheck | Mandiant | FireEye
- PCI Pal and Verizon White Paper Examines PCI Security Compliance in Contact Centre Environments - Security Boulevard
- Apache Struts Vulnerabilities vs Spring Vulnerabilities — One of these popular open source projects might be riskier than the other - Security Boulevard
- Defense in Depth: 4 Essential Layers of ICS Security
- AWS Lambda Security Quick-Start Guide
- Secure & Compliant Payment Solutions for Contact Centres | PCI Pal
- OWASP Top 10 Security Risks – Part II - Security Boulevard
- Software Monitoring for NERC CIP Compliance: Part 1
- Continuous Monitoring : Academic Paper - Security Boulevard
- OWASP Top 10 Vulnerabilities List — You’re Probably Using It Wrong
- A Brief Introduction to the OpenVAS Vulnerability Scanner
- Tis the Season to Check your SSL/TLS Cipher List Thrice (RCurl/curl/openssl) - Security Boulevard
- Cybersecurity is Increasingly Important for M&A Dealmakers - Security Boulevard
- PIPEDA & MDR: Breaches, Reporting and Advice
- Shared responsibility model: Who owns cloud security? - Security Boulevard
- RACI matrix in ISO 27001 implementation – How to use it?
- Negative Impact of Incorrect CSP Implementations - Security Boulevard
- Future Crimes by Marc Goodman (Book Summary) - Security Boulevard
- 37% of Ransomware Attacks Targeted Healthcare Organizations in Q3, Cyber Insurer Says - Security Boulevard
- PIPEDA Best Practices Achieved with MDR - Part 2 - Security Boulevard
- PIPEDA Best Practices Achieved with MDR - Security Boulevard
- Achieve CIS Compliance in Cloud, Container and DevOps Environments
- FreeRADIUS for MSPs - Security Boulevard
- Ten Ways Your Healthcare Org May Be Violating HIPAA - Security Boulevard
- 36 Best Business Books that Changed Microsoft Leaders’ Lives – J.D. Meier's Blog
- How I Became A Believer In Consuming IT Security As A Service - Security Boulevard
- 5 lessons public wi-fi can teach us about cybersecurity - Security Boulevard
- Apache Struts Vulnerabilities Burden Us With a ‘Stay or Go’ Deliberation - Security Boulevard
- A Little Guide to SMB Enumeration
- NHS is still assessing the cost of WannaCry one year laterSecurity Affairs
- CompTIA A+ Renewal Process - Security Boulevard
- Security Vulnerability in Internet-Connected Construction Cranes - Schneier on Security
- How to Enable HTTP/2 in Nginx
- Spectre mitigation guts Linux 4.20 performance – Naked Security
- InfoSec Handlers Diary Blog - Restricting PowerShell Capabilities with NetSh
- Pedagogic-cybersecurity-framework.pdf
- 6 years of Raspberry Pi in video | Opensource.com
- stoQ - An Open Source Framework For Enterprise Level Automated Analysis - KitPloit - PenTest & Hacking Tools for your CyberSecurity Kit ☣
- Keyfinder - A Tool For Finding And Analyzing Private (And Public) Key Files, Including Support For Android APK Files - KitPloit - PenTest & Hacking Tools for your CyberSecurity Kit ☣
- 6 Ways to Anger Attackers on Your Network
- Reddit helps admin solve mystery of rogue Raspberry Pi – Naked Security
- Why a Helium Leak Disabled Every iPhone in a Medical Facility - Motherboard
- ꓘamerka — Build interactive map of cameras from Shodan
- Here's How Easy It Is to Make Your Own IMSI-Catcher
- Libvirt Fencing on a Physical KVM Host | Lisenet.com :: Linux | Security | Networking
- Yubico Security Key Review (The complete edition)
- SQLiScanner - Automatic SQL Injection With Charles And Sqlmap API - KitPloit - PenTest & Hacking Tools for your CyberSecurity Kit ☣
- Understanding the 7 different types of data breaches - Security Boulevard
- Voice of the Customer: The Walsh Group found that Azure Active Directory gives them a competitive edge - Security Boulevard
- Star WannaCry victim NHS to ban fax machines by 2020 - Security Boulevard
- New NIST TLS Management Guidelines for InfoSec [Expert Advice] - Security Boulevard
- New NIST TLS Management Guidelines for InfoSec [Expert Advice] - Security Boulevard
- Notes on Build Hardening - Security Boulevard
- 5 Key Components Every Company Should Have in Their Privacy Policy - Security Boulevard
- The Top 5 Third-Party Cyber Gaps of 2018 - Security Boulevard
- Ahead of the Curve: University Incident Response Plans and Communications - Security Boulevard
- OWASP 'ServerlessGoat': A Vulnerable Demo Serverless Application - Security Boulevard
- The Year Ahead: Cybersecurity Trends To Look Out for In 2019 - Security Boulevard
- What’s the Problem with SMB 1, and Should You Worry About SMB 2 and 3? - Security Boulevard
- Why TLS 1.3 is a Huge Improvement - Security Boulevard
- Strategic Ways to Add Value to Your IT Consulting Business
- Beyond Scanning: Don’t Let AppSec Ignorance Become Negligence - Security Boulevard
- GUEST ESSAY: Top cybersecurity developments that can be expected to fully play out in 2019 - Security Boulevard
- Want Your R&D Team to Rock? 7 Tips to Help Your Developers Perform Like a Supergroup - Security Boulevard
- Top 30 Supervisory Control and Data Acquisition (SCADA) Technician Interview Questions and Answers for 2019 - Security Boulevard
- 3 Reasons Osquery Should Be On Every Incident Responders Christmas List - Security Boulevard
- Healthcare Cybersecurity in Intensive Care - Security Boulevard
- Flaws and Vulnerabilities and Exploits – Oh My! - Security Boulevard
- 5 tips to secure your supply chain from cyberattacks - TechRepublic
- We Asked 105 Experts What Worries Them Most About the Future - Motherboard
- testssl.sh - Testing TLS/SSL Encryption Anywhere On Any Port - KitPloit - PenTest & Hacking Tools for your CyberSecurity Kit ☣
- XSStrike v3.0 - Most Advanced XSS Detection Suite - KitPloit - PenTest & Hacking Tools for your CyberSecurity Kit ☣
- Lynis 2.7.0 - Security Auditing Tool for Unix/Linux Systems - KitPloit - PenTest & Hacking Tools for your CyberSecurity Kit ☣
- CAINE 10.0 - GNU/Linux Live Distribution For Digital Forensics Project, Windows Side Forensics And Incident Response - KitPloit - PenTest & Hacking Tools for your CyberSecurity Kit ☣
- SpiderFoot - The Most Complete OSINT Collection And Reconnaissance Tool - KitPloit - PenTest & Hacking Tools for your CyberSecurity Kit ☣
- DevAudit - Open-source, Cross-Platform, Multi-Purpose Security Auditing Tool - KitPloit - PenTest & Hacking Tools for your CyberSecurity Kit ☣
- CRS - OWASP ModSecurity Core Rule Set - KitPloit - PenTest & Hacking Tools for your CyberSecurity Kit ☣
- Jackhammer - One Security Vulnerability Assessment/Management Tool To Solve All The Security Team Problems - KitPloit - PenTest & Hacking Tools for your CyberSecurity Kit ☣
- Celerystalk - An Asynchronous Enumeration and Vulnerability Scanner - KitPloit - PenTest & Hacking Tools for your CyberSecurity Kit ☣
- Faraday v3.4 - Collaborative Penetration Test and Vulnerability Management Platform - KitPloit - PenTest & Hacking Tools for your CyberSecurity Kit ☣
- The 4 phases of a business continuity plan - IT Governance Blog
- List of data breaches and cyber attacks in November 2018 - 251,286,753 records leaked - IT Governance Blog
- How to create a business continuity plan – with free template - IT Governance Blog
- How to build a cyber incident response team - IT Governance Blog
- 7 of the most common cyber attacks you need to prepare for - IT Governance Blog
- Your checklist for responding to and reporting data breaches - IT Governance Blog
- 10 things you must do to become cyber secure - IT Governance Blog
- Your DPO questions answered in an interview with information security experts - IT Governance Blog
- Phishing, Ransomware Attacks Continue to Menace Healthcare
- Why NIST is so popular in Japan
- 7 CI/CD tools for sysadmins | Opensource.com
- Australia's new 'decryption' law and its effect on tech companies worldwide
- HOWTO: Calculate Elapsed Business Hours Using PowerShell – Please Work
- Network UPS Tools | Calvin Bui
- VMware vSphere Security - Getting Started Hands-on Lab
- People First – The Frequently Overlooked Importance of Culture Change in DevOps Journeys – Premier Developer
- Colorado Embraces New IT Security Philosophy
- Zero Trust part 1: Identity and access management - Microsoft Secure
- StarWind rPerf free tool • Nolabnoparty
- HTTP vs HTTPS – lakkireddymadhu
- How protected are you against cyber-attacks? – lakkireddymadhu
- All major browsers drop TLS 1.0 and 1.1 in 2020 – lakkireddymadhu
- How To Set Up Nginx with HTTP/2 Support on Ubuntu 16.04 | DigitalOcean
- HTTP/2 – lakkireddymadhu
- World Computer Security Day – lakkireddymadhu
- How to Find Hidden & Saved Passwords in Windows 10 – lakkireddymadhu
- How to Be Invisible Online (Without Going off the Grid) – lakkireddymadhu
- Visibility vs Results | The ORACLE-BASE Blog
- 10 Cybersecurity Myths – lakkireddymadhu
- Penetration Testing Techniques: Conducting effective recon for enhanced phishing (Office 365 edition) – David Vassallo's Blog
- Find email addresses in seconds • Hunter (Email Hunter)
- HTTP/3 – lakkireddymadhu
- HHS Deputy Secretary Eric Hargan Describes Cyber Initiative
- Analysis: Did Anthem’s Security ‘Certification’ Have Value?
- Health Data Breach Tally: Analyzing the Latest Trends
- Getting Started with Desired State Configuration Resources for VMware - VMware PowerCLI Blog - VMware Blogs
- Medical Devices: The Long Road to Security - HealthcareInfoSecurity
- 5 – 15s DNS lookups on Kubernetes? – Quentin
- Marriott: Data on 500 Million Guests Stolen in 4-Year Breach — Krebs on Security
- Installing metasploitable with vagrant
- What the Marriott Breach Says About Security — Krebs on Security
- HHS Seeks Feedback on Potential HIPAA Changes
- Incident Response: Why a Tabletop Exercise Is Essential
- SlithIR · trailofbits/slither Wiki · GitHub
- Slither – a Solidity static analysis framework | Trail of Bits Blog
- Cybersecurity Trends to Watch Out for in 2019 | Webroot
- Windows Incident Response: Veteran Skillz
- GDPR Compliance: The Role of Vendor Risk Management
- Does HIPAA Need to Be ‘Modernized’? - HealthcareInfoSecurity
- What is a VMware VIB file?
- How to Patch vCenter Server Appliance (VCSA) - [Guide] | ESX Virtualization
- I just setup WireGuard, and I’ll never go back to OpenVPN | Logan Marchione
- Windows Incident Response: Basic Skillz, pt II
- Windows Incident Response: Basic Skillz
- Though 2018 Will Likely Not Surpass 2017 Numbers – Still Significant Year For Breach Activity
- On Pace To Break 20k Mark For Disclosed Vulnerabilities
- Visualise Sysmon Logs and Detect Suspicious Device Behaviour -SysmonSearch- - JPCERT/CC Eyes | JPCERT Coordination Center official Blog
- Visualise Event Logs to Identify Compromised Accounts - LogonTracer - - JPCERT/CC Eyes | JPCERT Coordination Center official Blog
- What Is the OBD-II Port and What Is It Used For?
- 5 Cybersecurity Predictions for 2019
- Cyber Security Lessons from Abroad – Australia’s Essential Eight
- Addressing the CISO’s Key Challenges in 2018 and Beyond with Endpoint Detection and Response
- Multiple Ways To Exploiting HTTP Authentication
- ODA : Free up space on local filesystems - Blog dbi services
- 2018 in cybersecurity: Regrets, we have a few
- How To Install OpenLDAP Server for Centralized Authentication
- Listen to the radio at the Linux terminal | Opensource.com
- Web Proxy Penetration Lab Setup Testing using Squid
- Hack the Box: Jerry Walkthrough
- Comprehensive Guide on Dirbuster Tool
- HTTP Banner Grabbing Beyond The Root - DigiNinja
- Nessus Through SOCKS Through Meterpreter - DigiNinja
- Blog, Integrating GNS3 and VirtualBox - DigiNinja
- Wifi Honey - DigiNinja
- Multiple Ways to Exploit Tomcat Manager
- Thanos: long-term storage for your Prometheus Metrics on OpenShift – Red Hat OpenShift Blog
- FAIRCON Showcases Quantitative Risk Analysis on the Cusp of Adoption | Security Architects Partners
- How to Establish a Security Culture | Security Architects Partners
- Securezoo Articles
- Routes-apply.sh - Safely apply routes and revert on error | Sebastian Neef - 0day.work
- Is It Time to Start a PSIRT? Why Your CSIRT May Not Be Enough
- Here are the most common cyber security threats that occur in the healthcare sector
- 2018 in Cybersecurity Review: What Happened and What the Future Brings (Part 1)
- 7 Ways an Old Tool Still Teaches New Lessons About ...
- 9 Traits of A Strong Infosec Resume
- 7 Free (or Cheap) Ways to Increase Your ...
- 6 Python and containers videos worth watching | Opensource.com
- Patching the vCenter Server Appliance (VCSA) using the REST API
- Dream of augmented humans endures, despite skeptics - Japan Today
- How To Install IIS In Windows Server 2019 - RootUsers
- How To Enable Remote Desktop In Windows Server 2019 - RootUsers
- U.S. GAO - Information Security: Significant Progress Made, but CDC Needs to Take Further Action to Resolve Control Deficiencies and Improve Its Program
- DSHR's Blog: Securing The Software Supply Chain
- U.S. GAO - Federal Building Security: Actions Needed to Help Achieve Vision for Secure, Interoperable Physical Access Control
- U.S. GAO - Information Security: Agencies Need to Improve Implementation of Federal Approach to Securing Systems and Protecting against Intrusions
- SQL Server Linux: fsync and Buffered I/O – SQL Server According to Bob
- SQL Server On Linux: Forced Unit Access (Fua) Internals – SQL Server According to Bob
- How to become an AWS expert | AWS News Blog
- Serverless and startups, the beginning of a beautiful friendship | AWS News Blog
- ESXi 6.5.0 fails to boot with Error loading /a.b00 – Virtually Sober
- How to Enable TLS 1.3 in Nginx
- Security operations activities to watch in 2019 | CSO Online
- The Difference Between a Penetration Test and a Red Team Engagement | Daniel Miessler
- Automating a DevOps-Friendly Security Policy
- A Container Hacker’s Guide to Living Off of the Land – Professionally Evil Insights
- Measuring container security [LWN.net]
- Security Considerations for Container Runtimes - RHD Blog
- Deploying SQL Server on K8s with Helm charts
- Virtual Patching or Good Security Design instead?
- A checklist for overcoming life and career setbacks - 80,000 Hours
- A year's worth of education for under a dollar and other 'best buys' in development, from the UK aid agency's Chief Economist - 80,000 Hours
- Response: A Chief Security Concern for Executive Teams - EtherealMind
- Zen of Routing Protocols « ipSpace.net blog
- Red Hat Global Customer Tech Outlook 2019: Automation, cloud, & security lead funding priorities
- A Chief Security Concern for Executive Teams — Krebs on Security
- 5 Dedicated Server Security Vulnerabilities and How to Troubleshoot Them – ThisHosting.Rocks
- HardenedBSD 12 Released With Jailed Bhyve, Disables SMT By Default - Phoronix
- Closing the Global Cyber Enforcement Gap - Lawfare
- NASA discloses October security breach
- The US ballistic missile system is a cybersecurity nightmare
- Errata Security: Masscan as a lesson in TCP/IP